Malware spreading cyber crooks are now targeting enterprise infrastructure with Ransomware and this was confirmed in a research carried out by Seattle based F5 Networks.
F5 Networks added in its security report some details about a South Korean based hosting firm Nayana which was targeted by ransomware. The firm’s data center was hit by data encrypting malware and the officials of the firm had to pay $1 million as ransom to come out of the said trouble.
Later few news resources from South Korea said that the Linux servers in the data center were hit by Erebus ransomware and the damage was deep. As a result of this cyber attack, thousands of customer websites hosted on Nayana servers were offline for weeks and not all could be recovered even after the said ransom was paid to the hackers.
“We should have all seen this coming and it could be devastating”, said David Holmes, a threat research evangelist at Seattle based F5 Networks.
Homes added that prior to this trend, hackers used to target one user with a phishing email. But now, it can be done with lateral movement to cause so much more damage.
To keep the data centers safe from ransomware, security experts recommend keeping systems patched. Using analytics to detect unusual behavior on the servers or networks, and using the white listing to restrict the process and applications allowed running on the servers.
Patches are critical to secure systems from malware said Holmes; referring to WannaCry ransomware which hit more than 300,000 unpatched systems in more than 15 countries.
Holmes also added that data center managers should have their machines locked down as much as possible. This can be done by creating a white list of applications for their servers, not allowing anything else to run in their environments.
Sean Curran, the senior director in the security and infrastructure practice at West Monroe Partners said that the other factor which increases the ransomware threat is the use of obsolete systems in data centers.
He added that CIOs and CTO should start focusing on their data infrastructure and replace the old and worn out systems with new hardware and software. Otherwise, it could give hackers a sweet spot to exploit and disrupt the operations and services carried out by the data centers on a severe note.
Agree with what is being said…?
Share your views through the comments section below.