At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    The Ukraine War Started A New Wiper Malware Spillover Risk

    RTS5RLIM

    The war in Ukraine increases the risk of wiper malware to spill over. I’m sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec observed wiper malware was put in motion just hours before Russian tanks arrived in Ukraine.  

    The WSJ said: “The wiper malware—this version is being called HermeticWiper by researchers—could mark an escalation in cyberattacks against various Ukrainian targets, security experts said. Websites of government agencies and banks were disrupted on Wednesday, and on Thursday, that of the Kyiv Post, an English-language newspaper.”

    “On Wednesday, Slovakia-based cyber firm ESET said it also detected the wiper strain on hundreds of machines in Ukraine, adding that timestamps indicated the malware had been created nearly two months ago in preparation for deployment.”

    The WSJ noted that “On Thursday morning, CISA Director Jen Easterly tweeted a Wired magazine article on the 2017 NotPetya hack, which emanated from a Ukrainian accounting firm and caused billions in lost sales and other damage to businesses including FedEx Corp. and Merck & Co. Inc. “While there are no specific threats to the U.S. at this time, all orgs must be prepared for cyberattacks, whether targeted or not,” Ms. Easterly wrote.

    So, we strongly recommend to:

    1. Make sure your backups work and test your restore function, not for just files but whole servers
    2. Patch all known vulnerabilities and test the patches
    3. Deploy strong MFA to as many employees as you can (some MFA can be easily circumvented)
    4. Step all employees through at least a 15-minute security awareness training module to keep them on their toes with security top of mind

    Find out if your organization’s MFA solution
    can be hacked by the bad guys now!

    Did you know that all MFA mechanisms can be hacked, and in some cases it’s as simple as sending a phishing email? That’s why it’s important to know the exact security risks your MFA solution has and how your users’ accounts may be compromised.

    masareport-thumb

    Here’s how MASA works:

    • You will receive a custom link to take your assessment
    • Answer a series of technology questions relevant to your MFA solution
    • Get an instant high-level snapshot of potential risks with your MFA
    • Receive your in-depth report packed with actionable insight and detailed analysis on specific MFA attacks and tips for your top defenses 
    Assess My MFA Solution Now!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/multi-factor-authentication-security-assessment-partner?partnerid=001a000001lWEoJAAWMulti Facr

    Sign Up to the TIO Intel Alerts!

    Back To Top