location
contact us

Would you like to learn more?

Send me a message

Send me a message

R&D

Exeon Analytics AG
Grubenstrasse 12
8045 Zürich
Switzerland

 

Registered office

Exeon Analytics AG
Hofackerstrasse 14
CH-8032 Zürich
Switzerland
MWST-Nr.: CHE-196.534.272

 

Blog | The return of ransomware

Ransomware as a cyber threat is on the rise. Over the summer companies like Meier Tobler, Omya and various German hospitals were affected. Hackers infiltrate businesses through malicious emails, steal and encrypt critical data. Companies are forced to pay a ransom or face the complete loss of their data. The aftermath of an attack can cost companies millions of dollars! While regular data back-ups help to prevent a complete loss, costs related to business interruptions and the risk of having trade secrets revealed should not be underestimated. I strongly recommend to make life hard for every attacker in your system, through a restrictively configured firewall. If you want to know how Exeon helps you to detect holes in your firewall, read the full blogpost or book directly a personal video call.


By David Gugelmann, September 2019

Two years after the infamous WannaCry/NotPetya attacks, the story of ransomware is far from over. The number of Ransomware attacks has surged over the summer. Amongst the victims were the Swiss construction company Meier Tobler, the multi-billion mineral company Omya and various hospitals in Germany.

Ransomware attackers typically infiltrate a system via malicious emails and move from the infected workstation further around in a company’s IT system. The goal is to steal and encrypt critical data, and block users’ access. Businesses are forced to pay a ransom to regain control. Without proper backup processes in place, companies falling victim to a ransomware attack face the complete loss of their data. The aftermath can be dramatic. Meier Tobler estimates, that the financial loss resulting from the attack will amount to CHF 5 million.

Ransomware attacks on businesses are on the rise, warns the German Federal Office for Information. They are shifting from standardized and high quantity attacks towards fiercer, more advanced and customized attempts to infiltrate companies in a targeted manner in order to increase the ransomware sums paid. As a consequence, the number of ransomware attacks on businesses rose by shocking 365% over the last year.

What does this mean for your company and how can you protect your organization against such attacks? The first and foremost remedy against detrimental consequences from ransomware attacks is simple: regular backups to restore data. One should however not forget to disconnect the back-ups from the rest of the IT network, otherwise the attacker can simply encrypt the backups as well.

However, even without data loss, ransomware attacks can be costly for companies due to business interruptions while containing the attack.

Further, it’s likely that sophisticated attacks will not only try to encrypt data, but also steal trade secrets they discover while exploring the victims network. It seems that attackers often can easily move across the IT network of a company, allowing them to encrypt even the most critical data, as well as above mentioned backups. In most cases, this could be simply detained by a more restrictively configured firewall and more careful user management, which protects the critical servers inside a corporate network from infected workstations.

But where to start the so-called “hardening” of your firewall and how can this be done without risking blocking communication required for your normal business? Exeon Analytics’ Security Audit, the ExeonThreatReport, provides you with the perfect starting point. Exeon’s machine learning and big data algorithms analyse the data flows of your network, compare it to what they’ve “learned” to be normal and are thus able to detect existing attacks as well as weaknesses that may pose further threats. The results will enable your company to close holes in your firewall and undercut unnecessary data flows between critical servers and more exposed endpoints.

If you are interested to learn more, please reach out to contact@exeon.ch or book a video conference directly over this link.

 

As CEO of Exeon Analytics, cyber security is the number one topic on my agenda. In this blog post, I will share the most important trends, new topics or background analyses in a condensed form. This blog post is for everyone with an interest in cyber security. Our CTO Markus Happe regularly writes about more technical topics. 

________________

Find here additional articles on the topic:

Ransomware attack targets Swiss construction company Meier Tobler

Users are often the weak link. Hackers gained access to Meier Tobler through an infected attachment to a hotel booking confirmation. Meier Tobler very transparently processes the attack to increase awareness. Cudos! Read full article

German hospitals infected by ransomware attack

13 hospitals were affected by the cyber attack, but patients were not harmed. Read full article

Back