Acer becomes latest victim of ransomware attack
It has recently been reported that the company Acer was hit by a REvil ransomware attack and that documents were shared with them by the ransomware gang via its website as proof of the theft. The gang are demanding $50 million but it has not yet been confirmed if the company plans to pay.
The comment on this attack from Simon Mullis, Director of Technical Account Management at Tanium:
“In this case, Acer was able to spot the compromise of its systems fairly quickly, but for businesses that aren’t so fast the repercussions can be even more severe.
Protecting an organisation from the impact of any attack - including ransomware - comes down to ensuring security defences are up to date, appropriately configured and by making sure employee behaviour is driven towards best practices. Focusing on these areas will help to minimise the impact of the many security issues which are caused by gaps in basic IT hygiene. These weak points can be identified and fixed before a problem occurs if organisations have the correct level of visibility and control into the IT environment, but many don’t.
In the aftermath of an attack it is important to immediately start the process of damage control, to mitigate the impact as much as possible. Endpoint management tools can help with this by detecting unauthorised access to a company’s systems, as well as locating and managing sensitive data across endpoints to avoid future attacks.
The main questions that IT teams should be asking themselves when defending their organisation against attacks like the one Acer fell victim to are: Is everything patched? Are security tools up to date? Is there complete visibility of all endpoints within your perimeter? It can take many organization days, weeks and even months to complete a patching cycle or even to get reliable information about their software and hardware assets. What they need is to be able to get visibility and be able to take action in minutes. Also, another complexity is location: Now that everyone is working from home, can you apply the same visibility and protection to all of your employees - indeed, all of your assets - whatever their location? Having a strong strategy in place that covers these fundamental areas will go a long way towards protecting an organisation."