NotPetya: One year on – Have businesses learnt the lesson?

Once in a system, NotPetya encrypted computers belonging to some of the worlds largest organisations, and sometimes used a flash up screen requesting a Bitcoin ransom to restore access to the files.

It added to a serious of large-scale attacks in 2017, following on just weeks after attacks like WannaCry which reacted havoc on major organisations, such as the NHS.

>See also: The comprehensive IT security guide for CIOs from Information Age

According to a report by Cybereason, the attack has cost companies an estimated $892.5 million in lost revenue, while organisations like FedEx estimated a loss of $300 million.

Since the fallout of these attacks, a lack of regular patching of outdated systems because of the issues of downtime and disruption to organisations has been identified as a critical pathway for the virus.

Have we learnt a lesson

While industries have updated standards and protocols, some argue that enterprises are not doing enough.

Charles Eagan, Chief Technology Officer, BlackBerry, said: “The solution lies in the industry and vendors looking at alternative methods which kill off bad processes and patch in an ongoing synchronous manner rather the current asynchronous process involving a download to allow the patch to run and reboot machines.”

>See also: Avoiding incidents like the WannaCry and “NotPetya” ransomware

“The issue of cyber security goes beyond the industries making the front pages for breaches of cybersecurity. According to the Department for Digital, Culture, Media and Sport’s Cyber Security Breaches Survey 2018, around 43% of UK businesses have experienced a cybersecurity breach in the past 12 months. This highlights the fact that you cannot retrofit security and protection is a continuous activity spanning many areas including Life Cycle Management.”

The most secure organisations do not adopt one-size fits all approach, but instead, take a proactive approach and implement robust security practices that match the nature of their organisation.”

Boards have increased focus on cyber threats

Despite this stark warning, awareness of cyber security at board level is growing, according to research by Vanson Bourne, as part of an international survey of 500 businesses in the UK, France, Germany and the USA, was commissioned by endpoint protection specialist SentinelOne.

According to their findings, 50% of respondents claim to have more visibility of attacks at board level, with the cost of ransomware on their bottom-line being a stand-out factor behind their heightened awareness.

One of the most significant board level reactions to ransomware has been an increased implementation of education, with 54% citing a higher likelihood of introducing employee training and awareness programmes.

A further 43% claim that there is more budget for security now being allocated.

>See also: Is 2018 the year cybercrime becomes mainstream?

Overall, 79% of respondents said that they are getting better at fighting ransomware. While 75% also agree that behaviour-based analytics is the only way to stop more sophisticated ransomware attacks.

On the flip side, in the past year, only 49% of organisations have reported ransomware attacks to law enforcement agencies, this is 54% fewer than in 2016’s report.

A shape of things to come

In its National Strategic Assessment of Serious Crime 2018 Report, The National Crime Agency warned about the under-reporting of data breaches, stating: “Many companies are not disclosing data breaches, putting victims at risk.”

In the post-Brexit era, when more questions are being asked about the potential impact on cyber-intelligence sharing, most UK organisations – 75% – want to see greater international co-operation between countries to protect against attacks. A further 31% of organisations were in favour of governments having the power to ‘hack back’ in the case of nation state attacks.

>See also: Cyber attacks are spreading at record pace

Migo Kedem, Director of Product Management at SentinelOne says: “Clearly the impact of last year’s ransomware attacks has been far reaching. However, on a positive note, the publicity which these attacks garnered has made board members sit up and take notice of the potential impact to their organisation. It’s also encouraging to see that this is translating into positive action, such as user awareness training.”

He added: “We certainly can’t afford to be complacent. Ransomware attacks are spreading faster and becoming more destructive and sophisticated. Organisations need to keep pace with this and employ techniques that can detect even the stealthiest of attacks.”

Avatar photo

Andrew Ross

As a reporter with Information Age, Andrew Ross writes articles for technology leaders; helping them manage business critical issues both for today and in the future

Related Topics