This spring was marred by a significant uptick in ransomware attacks against businesses in a variety of industries. In this post, we’ll take a look at some of the most notable ransomware attacks this year and how you can keep your business protected.
Norsk Hydro and LockerGoga
Norsk is one of the world’s largest manufacturing companies, with 35,000 employees in 40 countries. Earlier this year, a ransomware attack shut down its operations for almost an entire production week, resulting in at least $40 million in lost revenue.
In late March, the company fell victim to the LockerGoga ransomware strain that first appeared in January. LockerGoga infiltrates networks, changes user passwords, logs out of network connections, and then encrypts all the files on the target network. The perpetrators demand payment in Bitcoin to decrypt data. Systems that rely on virtual machines are particularly vulnerable, and industrial companies are the most frequent target.
Fortunately, LockerGoga can’t transmit instances across organizations. However, researchers claim the individuals behind LockerGoga have been refining its capabilities, and it remains a threat. The LockerGoga attack forced Norsk to revert to manual operations for several days. Instead of paying the ransom, the company decided to restore systems from backups, but it can never get its lost revenue, time, and data back.
The Weather Channel
The Weather Channel went off-air earlier this year after a ransomware attack. On April 18, the network was providing live coverage of major snowstorms in the northeastern United States. However, the channel was forced to air a rerun in lieu of live programming. While the channel hasn’t disclosed which strain of ransomware attacked it, normal network operation was restored fairly quickly, showing that a relatively reliable continuity and disaster recovery platform is in place.
Arizona Beverages
In March, Arizona Beverages experienced a malware attack that locked almost 200 company computers and servers, shutting down the sales division for several days. Ultimately, it took the company two weeks to make a complete recovery. The root problem was determined to be an outdated Windows system that had not been actively updated or patched. In addition, on-site backup systems malfunctioned, and the company likely ended up spending hundreds of thousands of dollars on recovery and in building a new network.
The attack was found to be a version of iEncrypt that was likely delivered via malware infection about two months earlier. It cripples networks by deleting Windows shadow volumes and system restore points while encrypting files. This is a useful reminder that networks are susceptible to latent malware, so your system may be infected for months before experiencing broader network issues.
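One way to catch the shadow-volume deletion described above is to alert on the process command lines that perform it. This is an added example, not code from the original post: the log format, hosts and users are constructed, and the command patterns are commonly documented ones, not details of iEncrypt given on the page.

```python
import re
from typing import NamedTuple

# Command lines that delete Volume Shadow Copies or backup catalogs.
# Commonly documented patterns; not taken from the page or from an
# analysis of iEncrypt itself.
RULES = {
    "vssadmin_delete": re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b", re.I),
    "vssadmin_resize": re.compile(r"\bvssadmin(\.exe)?\b.*\bresize\s+shadowstorage\b", re.I),
    "wmic_shadowcopy": re.compile(r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b", re.I),
    "wbadmin_delete": re.compile(r"\bwbadmin(\.exe)?\b.*\bdelete\s+(catalog|systemstatebackup)\b", re.I),
    "ps_shadowcopy": re.compile(r"win32_shadowcopy.*(\.delete\(|remove-wmiobject|remove-ciminstance)", re.I),
}

class Hit(NamedTuple):
    time: str
    host: str
    user: str
    rule: str

def parse_line(line):
    """Split 'time|host|user|command line'; return None if malformed."""
    parts = line.strip().split("|", 3)  # the command line itself may contain '|'
    return parts if len(parts) == 4 and all(parts) else None

def detect(lines):
    """Return one Hit per event whose command line matches a rule."""
    hits = []
    for line in lines:
        fields = parse_line(line)
        if fields is None:
            continue  # skip malformed records instead of failing the run
        time, host, user, cmd = fields
        rule = next((n for n, rx in RULES.items() if rx.search(cmd)), None)
        if rule:
            hits.append(Hit(time, host, user, rule))
    return hits

# Constructed process-creation events (hosts, users and times are made up).
SAMPLE_LOG = [
    r"2019-01-14T02:11:05Z|FS01|svc_backup|C:\Windows\System32\vssadmin.exe list shadows",
    r"2019-01-14T09:30:41Z|WS17|jdoe|cmd.exe /c vssadmin.exe Delete Shadows /All /Quiet",
    r"2019-01-14T09:30:44Z|WS17|jdoe|wmic shadowcopy delete /nointeractive",
    r"2019-01-14T09:31:02Z|FS01|SYSTEM|powershell -c Get-WmiObject Win32_ShadowCopy | ForEach-Object { $_.Delete() }",
    "malformed line without separators",
    r"2019-01-14T10:02:00Z|WS22|asmith|notepad.exe C:\notes\delete shadows todo.txt",
]

if __name__ == "__main__":
    for hit in detect(SAMPLE_LOG):
        print(hit)
```

The listing of shadow copies by the backup account and the text file whose name merely contains "delete shadows" are not flagged, because each rule requires both the utility and the destructive verb.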
IT Support Long Island
If you want to prioritize security and take a proactive approach to protecting your day-to-day operations, don’t wait to learn the hard way. Call the cyber security experts at Hi-Tek Data today. We’ll help you build a robust security platform around your industry-specific threats and risks, so you can stay protected today while preparing for tomorrow.