Freely subscribe to our NEWSLETTER

Overall, any attack on critical infrastructure providers is significant and as names of some of the company’s customers in its Sustainability Business surface, the threat actors knew exactly what they were attacking and the ramifications of their actions could be significant.

This ransomware attack is another reminder that even giant, global organisations with world class security pros and incident responders on staff, can still be victimised. Their attack surface, with 150,000 global employees is massive. And deliberate, motivated, and persistent threat actors will eventually find a gap in the digital footprint of any company.

The good news is that Schneider is working diligently to eliminate the remaining business disruptions this ransomware attack caused and hopefully they will be operating fully in the coming days.

Overall, it is essential for organisations to know that they will all likely be targeted at some point in the next six-to-twelve months by ransomware gangs. It is a harsh reality today for all organisations and government agencies. Preparing now for the inevitable during peacetime is critical to limiting business disruptions. Companies can improve their operational resiliency by knowing what their critical systems are, including infrastructure such as Active Directory. By preparing in peacetime, defenders can make their organisations sufficiently difficult to compromise that hackers will look for softer targets. Companies should also monitor for unauthorised changes occurring in their Active Directory environment which threat actors use in most attacks - and have real time visibility to changes to elevated network accounts and groups.