Acer, one of the world’s largest computer manufacturers, was hit with a $50 million dollar ransomware attack. It is the largest ransomware demand currently known.
Rumours have surfaced that attackers gained access to Acer’s systems through the Microsoft Exchange vulnerability that was exposed in January.
According to BleepingComputer, Advanced Intel’s Andariel cyber intelligence platform detected that the REvil gang recently targeted a Microsoft Exchange server on Acer’s domain, following the massive hack and exploitation of vulnerabilities of Exchange earlier this month.
If the ransomware gang responsible for the attack on Acer used the Microsoft Exchange vulnerability, it would be the first use of this attack vector by a large ransomware gang. For more information on this attack, visit here.
How businesses can prevent ransomware
This attack shows that the size of a business does not make it immune to the risks posed by the current cybersecurity landscape. If a company as large and sophisticated as Acer can fall victim, how confident are you with your own company?
To prevent ransomware, businesses can take various steps in hardening their security infrastructure and identifying gaps and vulnerabilities before they’re capitalized on.
- Ensure antivirus is installed on all machines. A critical tool for all businesses, antivirus is the first step in defending against an attack. While it should not be the only preventative measure, it is an essential one.
- Patch vulnerabilities immediately. Microsoft’s incident began with an unpatched vulnerability, as did the infamous WannaCry incident that jumpstarted the rise in ransomware over the last four years. The importance of patching vulnerabilities cannot be overstated.
- Ransomware detection. Many technologies offer ransomware detection capabilities that can alert businesses of an attack before it spreads or files are encrypted. If you’re a small and medium business (SMB), work with a managed service provider (MSP) or managed security service provider (MSSP) to see what solutions they can implement to detect ransomware on your network.
- Have a comprehensive data protection plan in place. Businesses of all sizes, across all industries, need to ensure their data is protected in the event of an attack. In addition to the precautions above, it’s important to prepare for the aftermath of an attack as well. Ensure data is regularly backed up in a secure location that you can access in the event of an attack.
- SaaS Protection on your unstructured business data is a cost-effective countermeasure. As a Datto partner, Atlas Solutions can protect your data in Microsoft or Google clouds. Learn more below: