Support

support@partek.ca

Contact

(403) 488-3333

Last week, at least fifteen Ukrainian public institutions and government agencies’ websites were hacked and defaced by a new malware family Microsoft calls ‘WhisperGate’.

Microsoft warns of the new malware family disguised as ransomware which is being used in attacks against multiple organizations in Ukraine. Since January 13th, Microsoft detected attacks that implement a destructive two-stage attack used to intentionally destroy their victim’s data. Because the malware does not offer a means to recover the maliciously encrypted data, Microsoft did not classify this as ransomware (an attack aimed to collect a ransom payment), but rather a deliberately destructive attack. With geopolitical tensions recently escalating between Russia and Ukraine, it is believed that the malware attacks are designed as an intimidation campaign to propagate chaos in Ukraine.

Due to the coordinated cyberattacks against Ukraine last week, the Cybersecurity and Infrastructure Security Agency (CISA) urges U.S. organizations to strengthen their cybersecurity defenses against data-wiping attacks.

“This CISA Insights is intended to ensure that senior leaders at every organization in the United States are aware of critical cyber risks and take urgent, near-term steps to reduce the likelihood and impact of a potentially damaging compromise,” warns a new CISA Insights bulletin. “All organizations, regardless of sector or size, should immediately implement the steps outlined below.”

While the CISA’s recommendations are in direct response to the recent cyberattacks on Ukraine, their recommended steps are also excellent advice for all businesses looking to prevent any network intrusion or ransomeware attack.

Reduce the likelihood of a damaging cyber intrusion:

Take steps to quickly detect a potential intrusion:

Maximize the organization’s resilience to a destructive cyber incident:

Learn more about Partek’s Fully-managed, layered security solution that will keep your data safe in the event of a breach.

 

Resources:

Bleeping Computer January 14th Article 

Bleeping Computer January 16th Article

Bleeping Computer January 19th Article