Today’s Ransomware Attacks: 5 Cybersecurity Facts for MSSPs
As ransomware cyberattacks spread across the globe yet again, here are five facts about today’s attacks that MSSPs (managed security services providers) should keep in mind.
1. Ransomware Name: Most pundits are referring to the attacks as a Petya variant, with some also mentioning Goldeneye. Sources: Multiple.
2. How It Works: The attack is complex and infiltrating from several vectors, one of which is a fake Microsoft Digital Certificate that ultimately clears the Windows event log before shutting down the machine and encrypting its files. Source: VIPRE Security.
3. First Attack: ESET said the first known infection occurred early on June 27, through a Ukrainian software company called MeDoc. MeDoc denied that its program was the initial infection point. Source: The New York Times.
4. Total Victims: Kaspersky Lab says about 2,000 computer systems have been impacted so far, but we’re checking to see if that statement involves individual computers or individual companies/organizations. Source: Kaspersky Lab
5. Company Victims: Merck, along with companies in France and Russia, among other regions. Sources: Multiple.
6. Security Safeguards: Several security software and cloud companies say their tools safeguard customers from today’s attacks. Here’s a sampling of statements and views from multiple technology companies. Sources: Multiple.
Keep checking MSSP Alert’s home page for more updates.