On June 27th—just a month following the worldwide WannaCry panic—a new malware variant entered the scene. Fast-moving and massive in scale, NotPetya sent global corporations scrambling to restore business operations, only to find their backup and recovery solutions weren’t up to the task.
Corporations like global transportation, logistics, and energy giant, A.P. Moller – Maersk—which announced today that the malware infection will cost them $200 – 300M.
The astronomical cost of insufficient malware protection
A.P. Moller – Maersk operates nine businesses, and is the largest container ship and supply vessel business in the world. And, in June, it disrupted three of its nine businesses for weeks when it discovered malware-affected systems and forced a network shutdown to contain the infection.
It was later determined that the malware entered their systems via the Ukranian accounting software, MeDoc. Containing backdoors into user networks, the modified version of the Petya ransomware, now known as NotPetya, was able to spread—and spread quickly—exploiting the same EternalBlue Windows vulnerability that gave rise to WannaCry.
While A.P. Moller – Maersk was able to report that “no data breach or data loss to third-parties has occurred,” the weeks-long business disruption came at a heavy price.
The estimated $200 – 300M price tag factored in:
- Lost business revenue
- Additional labor costs incurred during the attack
- Costs associated with removing the infection and restoring systems
A.P. Moller – Maersk wasn’t the only high-profile victim of NotPetya, of course. FedEx; American pharmaceutical giant, Merck; the National Bank of Ukraine; and Russian oil company, Rosneft were also waylaid by the malware.
How can you reduce the financial impact of a malware infection?
This question will result in a different answer for every organization. Determining the right solution begins by thoroughly documenting your data, applications, and systems—and identifying how critical they are to your operations.
With business requirements and service levels clearly defined, you’ll be equipped to most efficiently and cost-effectively apply the right level of data protection.
Furthermore, we recommend you adopt these backup and recovery best practices to ensure you can withstand a cyber attack:
- Employ a 3-2-1 backup strategy to ensure recoverability—maintaining three copies of your data; two of which may be local, but one must be offline; and one which must be off-site
- Ensure your backup data isn’t on a shared network
- Exercise the practice of least privilege to reduce points of vulnerability across your networks
- Leverage virtual standby and instant VM to resume business operations swiftly
- Regularly perform disaster recovery testing to ensure vulnerabilities are identified and resolved before it’s too late
The fact of the matter is: backup and recovery isn’t sexy—it often becomes the can that’s kicked down the road. But, when malware has impacted your systems—and it will—it’s the only thing that can save you.
Ransomware attackers are the schoolyard bullies of cyberspace, and they’re unrelenting in their hunt for your “milk money.” Get caught unprepared, and you’ll be forced to choose between rewarding the cyber extortionist with bitcoins—or weathering the financial burden that naturally results from data loss and downtime. Well, we think that stinks. To that end, we’ve…
Cybercriminals are fueling near continuous news coverage of governments, universities, healthcare systems, and businesses brought to a screeching halt by ransomware. Caught unprepared, these organizations are then forced into an uncomfortable cost-benefit analysis: Cough up the ransomware payment or endure the damaging impacts of downtime and data loss. It’s not always an easy choice. But…
The art of the scam is nothing new. While ransomware attacks now fuel a continuous stream of breaking news, we only have to think back to the many distraught Nigerian princes—all who suffered the loss of their uncles and were desperate to find safe places to stash their unexpected inheritances—to remember how long these “spray…
If the ransomware threat wasn’t already keeping you up at night, surely the attack on Atlanta has left you questioning the strength of your cyber defenses and disaster recovery. Now, it should be abundantly clear to all who work in local government that you are under attack. And, it’s up to you to ensure critical…