In the year of the pandemic, it’s been easy to lose sight of the other recent plague – ransomware.
The world hasn’t experienced a major WannaCry or NotPetya-style worm-driven attack in a long time, but that doesn’t mean ransomware authors have been any less busy.
In fact, news broke just this week of attacks on Seyfarth Shaw, a global law firm with offices in NSW and VIC, and on Spotless Group.
Seyfarth Shaw’s IT team became aware of the attack as it was unfolding, and managed to quarantine it, but not before a number of systems were encrypted and had to be shut down.
The US head office of Seyfarth said it is “coordinating with the FBI” and “working around the clock to bring our systems back online as quickly and safely as possible.” (Source: IT News.)
Australia’s Spotless Group was attacked last Friday the 9th of October. It deployed business continuity plans to keep delivering services, but the attack was serious enough to notify the Australian Cyber Security Centre and call in external experts to dissect it and ensure a smooth recovery.
These issues highlight two key takeaways:
- Ransomware hasn’t hit the mainstream news headlines much this year, but it’s increasing at a concerning rate. Check Point produced a report in June that indicated a 50% increase on average across the countries protected by its security product.
Indeed, as IT News noted, Spotless is just the latest in a string of Australian business entities that have been attacked with ransomware in 2020. Others in the list include Toll Group, Lion, BlueScope and Regis Healthcare.
- Vigilance is a key IT skill that can be encouraged through training, but no amount of training can see it maintained 100% of the time. Many ransomware schemes succeed because humans are fallible and can be tricked into clicking on links that, in retrospect, should have been questioned more thoroughly. Humans need backup.
Vigilance in a Bottle
Your IT team (either a Managed IT Service Provider or your in-house team) needs to deploy a Security Event Monitoring Platform that can alert it quickly to ransomware infections, which can rapidly encrypt whole networks if left unchecked. It’s the backup for when human vigilance fails.
This article was originally published on Computer One Australia.