Major Engineering Giant Hit with Ransomware:
Why You Should Worry?

Major Indian Engineering Company Hit by Ransomware Attack, Halts Operations

A leading manufacturing giant in India was victimized by a vicious Ransomware attack.

India’s leading engineering and manufacturing company became the latest victim of a brutal Ransomware attack. The attack has led to a prolonged shutdown of the company’s critical operations affecting its supply chain and revenue.

Over the past few years, Ransomware has turned out to be the most prevalent and costly cyberattack type in the country. According to a report by Sophos, 78% of Indian organizations were hit by a Ransomware attack last year, which is up by 68% in 2020 with more than 10% of victim companies ending up paying a ransom of more than $1 million.

Overview

The company is engaged in the manufacture, design, selling and supply of various types of heavy industrial machinery and goods to its customers around the world with offices and manufacturing units across the country.

The company identified the type of attack (Ransomware) and proactively took certain measures to contain the threat forcing it to halt critical operations. The in-house IT team noticed that its systems are encrypted followed by server failures in certain locations.

The IT team thought of it as a hardware malfunction initially. However, after rebooting the systems, they found the data to be encrypted. Attackers left instructions on an infected computer on how to proceed with the ransom payment.

The company’s in-house IT team with the help of external cybersecurity experts has launched a cyber investigation to ascertain the scope and nature of the Ransomware attack. The manufacturing giant is also said to have informed and contacted the respective law enforcement and agencies including CERT-IN.

“Our primary focus is to secure company data and restore our operations while containing the breach and minimizing disruption to our customers around the world who rely on us,” said a company representative.

At the moment, it is unclear how hackers gained access to the company’s systems and servers. However, the attack yet again underscores the growing menace of Ransomware attacks affecting organizations across the country at a rapid pace. It again brings to light the lethal risks of taking cybersecurity for granted. The attack reveals that no organization irrespective of the industry it operates in is completely risk-free in today’s digital-first and connected economy.

How companies can prevent Ransomware attacks?

Futurism recommends the following best cyber defensive measures to prevent Ransomware and other attacks:

• Maintain robust endpoint security across all critical endpoints

• Proactively hunt for threats using advanced threat detection (SIEM) solution

• Encrypt data with strong data monitoring and protection

• Back up your data regularly and have a disaster recovery plan

• Secure your network architecture with robust network security protocols

• Strong firewall protection and vigilance

• Update antivirus, OS, and other critical software regularly

• Web and email protection against phishing, malware, and new strands of Ransomware

• Privileged user monitoring and abnormal network behavior (insider threat protection)

• Block USB ports. Implement a Zero Trust Security Model across the organization

• Protection against malicious websites and web threats

• Patch vulnerable devices, systems, ports, etc. with extended detection and response solution

• Discontinue end-of-life devices/OS

• Monitor remote network access with robust access-based policies (IAM)

• Create cyber awareness among employees

• Have risk mitigation and business continuity plan

• Monitor data traffic through a state-of-the-art SOC (Security Operations Center)

Takeaway

Cybercriminals have become creative, nimble and sophisticated in an era when companies struggle to keep up with security. Thus, the million-dollar question – how can companies prevent these attacks? One of the smartest ways to prevent these attacks is to seek help from a trusted cybersecurity service provider that offers the right layers of security resources and skills, who will leverage market-leading threat intelligence to spot and stop such intrusions and breaches in real-time.

Disclaimer: All the information, views and opinions expressed in this op-ed are those of the authors and their respective web sources and in no way reflect the views, principles, or objectives of Futurism Technologies.