In the modern world, ransomware attacks have become commonplace. Criminal organizations with the aim of running their cyber operations on a pretty big scale, choose big corporations, and do their best to stay invisible.
One of the largest cyberattacks in the world
Over the past few months, the Internet has been filled with a lot of news about a massive cyberattack on Garmin, a company mostly known for its GPS navigation devices. For several days the company could not function normally – the site did not work, production was stopped, people could not contact support centers, some flyGarmin services were also disabled.
What happened?
Garmin was attacked by the hackers which deployed the ransomware tool called WastedLocker. WastedLocker is a tool developed by Russians connected to the group of hackers called Evil Corp. This ransomware encrypts information and programs in the company’s digital infrastructure, but does not steal them for ransom. So, the attackers do not ask for money in exchange for information, but in exchange for a decryption key. In Garmin’s case, the key cost $10 million.
What about users? Has the data integrity been compromised?
Analysts, who conducted the WastedLocker research, claim that no data export occurred during the attack. This means that Garmin user data was not compromised.
“We have no indication that any customer data, including payment information from Garmin Pay, was accessed, lost or stolen. Additionally, the functionality of Garmin products was not affected, other than the ability to access online services. Affected systems are being restored, and we expect to return to normal operation over the next few days.”, – Garmin said in a statement.
Oddly enough, Garmin did not inform users about the attack, how it dealt with it and how the company plans to prevent such attacks in the future.
So, the global policy on fighting cyberattacks is now not very transparent. However, it is the transparency of such actions that is extremely important to preserve the reputation of companies that fight cybercriminals. As a result, Garmin not only suffered at the hands of hackers, paying an incredible amount of ransom, but also lost the trust of users and reputation in the world of technology, choosing a policy of hiding reality.
What actions can be taken to improve a company’s cybersecurity?
Steps should be taken to prevent ransomware from entering corporate systems. For cybersecurity, it is worth using the round-the-clock monitoring and protection service provided by specialists in this field, for example, the Datami.ua company. 24/7 monitoring includes:
– Installation of an intelligent security system on the site to protect your business from intruders.
– 24/7 monitoring of website safety, availability and efficiency.
– Complete site security.
All you need to do is apply for monitoring. Immediately after creating a profile, the site will be under round-the-clock security monitoring and protection from external threats. At the same time, the performance of the site will increase.
How does 24/7 monitoring and protection work?
Datami uses the world’s leading CloudFlare technology. When developing testing tools, we use standard OWASP TOP 10, SANS TOP 25 and commercial monitoring tools: Burp Suite Pro, Acunetix, Nexpose. Cloudflare’s capitalization in the latest round of venture funding is estimated at $3.2 billion. According to S-1, Cloudflare’s network covers 193 data centers in more than 90 countries and connects to more than 8000 networks around the world, including major Internet providers, public clouds providers, SaaS services and enterprises. Cloudflare has more than 20 million websites. According to Cloudflare, it provides response times of less than 100 milliseconds for 98% of Internet users in developed countries, and for 93% of users worldwide. (For understanding: eye blinking takes 300-400 milliseconds). Cloudflare receives three billion bot requests every day.
To protect businesses on the Internet, Datami specialists work according to the following algorithm:
1. Receiving a request and providing a free consultation.
2. Discussing and agreeing on a diagnostic and auditing plan according to individual need.
3. Signing a service contract and NDA.
4. Receiving payment and the necessary access in accordance with the selected format of work Black, White, GrayBox.
5. Carrying out work within 4-5 business days.
6. Providing a detailed report and recommendations for site security.
Returning to the cyberattack on Garmin, we can conclude that the company could have prevented such financial losses by using a 24/7 monitoring and protection service. After all, information and programs would be sufficiently protected for cyber defense, so specialists could react to an attack in time.
Conclusions
World organizations are affected by cyberattacks on a daily basis. In 2017, the global economy lost $600 billion due to digital crime and cyberattacks. Those digital wrongdoings affect organizations’ funds, reputations, staff, company’s operations, etc. The average amount of ransom which had to be paid in order to take control over the situation is around $100000.
In today’s world, cybercrime brings more profit to cybercriminals than any other type of crime, so it is predictable that digital attacks will continue to occur. To pay or not to pay a ransom depends on individual circumstances. Graham Cluley, an award-winning blogger, podcaster, and security speaker, highlights this point:
“It’s a decision that only you can ultimately make. Bear in mind that the more companies pay a ransom, the more the criminals are likely to launch similar attacks in the future. At the same time, you may feel that your business needs to make the difficult but pragmatic decision to pay the criminals if you feel your company cannot survive any other way.”
It is imperative to understand that a company can suffer not only from the short-term, but also from the long-term consequences of a cyberattack. Therefore, business owners must find ways to secure their online activities. And one of the best is to order monitoring and protection 24/7 in Datami.