It is being widely reported that a new wave of cyberattacks is currently hitting companies and governments. The attack has spread around the globe in a matter of hours, affecting the Ukrainian government, Russian enterprises, and other companies throughout Western Europe. Just like the WannaCry ransomware that struck worldwide in May, the new attacks apparently involve malware that encrypts or otherwise restricts access to computers and systems—and apparently the malware exploits some of the same vulnerabilities as WannaCry. Like a typical ransomware attack, the attackers demand that the victims pay to receive the decryption key or to otherwise recover access to the compromised machine.
As we noted in May after the WannaCry attacks, it was highly likely that ransomware would continue to be weaponized and used against numerous companies at once. Less than two months later, here we go again. These attacks are a wake-up call; it should be abundantly clear by now that global attacks are becoming a new normal. We do not, however, counsel despair. To the contrary, our team is working with companies around the world to help them be more resilient in light of these evolving threats. In the face of these increasing risks of attacks, there are a number of key steps that a company can take to protect itself from the inevitable next wave of attacks, including:
In addition, we are continuing to compile resources to help you prepare for and respond to a ransomware incident: