Ransomware attacks are an everyday occurrence. Whenever I speak to people at security events, almost every single company has been hit in some way. Some only find out about it when users call the internal help desk because they're "curious" about Bitcoin but others are hit far harder.
Maersk is probably not a company many of us know. But the recent NotPetya attack <a href="https://www.theregister.co.uk/2017/08/16/notpetya_ransomware_attack_cost_us_300m_says_shipping_giant_maersk/"cost the company about US$300M. Locally, we heard that Cadbury had to close their factory in Tasmania, costing the parent company about $140M and the purchase of the Vegemite by Bega Foods from Cadbury's parent company was delayed.
Ransomware is far more damaging than a $500 ransom.
We've said this before at Lifehacker but the losses reported this week by Maersk are a timely reminder to:
- Keep systems patched
- Continually educate users about how to identify phishing attacks and to not click dodgy links and attachments
- Maintain up-to-date end-point protection
- Talk to your peers and others in your industry vertical to share threat information