Avoiding Malware Disaster
Learn from the 2017 Maersk Malware Disaster

USD 300 million estimated cost, and "within 7 minutes most of the damage was done".

Their CISO, Andrew Powell: "Implementing the Lessons Learned From a Major Cyber Attack".

An important article for your technical people: "Maersk, me & Notpetya".

Note that an expert who worked on the recovery says that they remain quite vulnerable to similar attacks.

Unavoidable truths:

  • You can have convenience or safety. But not both.
  • You can have complexity or safety. But not both.

Your IT system won't get breached. Right up to the moment that it does. At which point it's obviously impossible to improve defences.

We glean a lot of information about Windows threats from our server logs. Attackers push their stuff at our systems as if they were Windows-based ones. Such attempts always fail and all of their actions get recorded. If some of the stuff that we see gets a foothold on your Windows-based systems, your day will go downhill very rapidly.

Better Defences

Your staff may need to learn new things and move outside their comfort zone. But avoiding that isn't sufficient reason to risk throwing away millions of dollars. There are lots of recommendations in the technical article linked above.

That malware affects only Microsoft Windows, as does virtually all malware, which makes IT diversity a superb defence. Use alternative (non-Microsoft) systems for critical processes wherever feasible.

When one global company was hit by ransomware, its ERP system was completely unaffected because it runs on Linux-based servers.

The systems that we provide are based on Enterprise Linux. They're at least as capable, they're simpler, and they have better defences. More here. We can support such systems remotely and safely. It's something we've been doing routinely for over 15 years. We can even install them remotely and safely.

©2021-2024 : IOPEN Technologies Ltd - NZ