National Cyber Security Alliance Statement on International Cyber Attack
Washington, D.C., June 27, 2017 – The world was hit with another widespread ransomware attack on Tuesday morning. Early reports suggest the virus, potentially related to an existing strain of malware called Petya, is spreading rapidly from Europe to the U.S. and countries around the world (New York Times; NPR). [mK1] As in many cybersecurity incidents, little is known yet about the actors and the motivation behind this event, although a $300 bitcoin ransom is being requested to decrypt files. It may take some time to fully attribute the attack to a specific source.
This is the second large-scale ransomware outbreak in the last three months, following WannaCry in May. Ransomware is not new. The first case of encrypting files and demanding payment was in 1989. Ransomware attacks have been increasing as cybercriminals become more sophisticated and as crypto-currencies create a vehicle for non-traceable payments.
“On the heels of WannaCry, we yet again see the vulnerability of connected systems across the globe. Today’s attack hit critical infrastructure—finance, transportation, manufacturing and more,” said Michael Kaiser, executive director of the nonprofit National Cyber Security Alliance in Washington, D.C. “It is much more than an inconvenience. We are more dependent than ever on the data stored across our computer systems. It is our shared responsibility to do our part in keeping devices secure. It all starts with basic cyber hygiene around software updates and locking down logins.”
“Prevention is clearly the goal,” adds Kaiser. “However, organizations and individuals should also be prepared to respond to and recover from an attack to minimize downtime and disruptions.”
There are defenses that can help to prevent ransomware infections. Basic cyber hygiene can provide significant immunization against such attacks, including:
A good starting point for any organization is implementation of the National Institute of Standards and Technology (NIST) Cybersecurity Framework. By addressing five easy steps — Identify, Protect, Detect, Respond and Recover — businesses and organizations can begin to craft a holistic approach to cybersecurity.
Other helpful resources include: