Visser Precision, a manufacturing company that makes custom parts for various industries, confirmed it was recently targeted in a ransomware attack, according to TechCrunch. The attack allegedly involved the DoppelPaymer ransomware, a new file-encrypting malware that first exfiltrates the victim’s data and then threatens to publish the stolen files if the ransom is not paid. Malicious actors are gradually publishing the breached data on a website, which contains a list of Visser’s stolen files, including folders with customer names like Tesla, SpaceX, Boeing and Lockheed Martin. Some of the files are available for download.
To understand more about the attack and the implications for businesses in general, Digital Journal caught up with Stephan Chenette, Co-Founder and CTO at AttackIQ, Inc.
According to Chenette, these kinds of issues are reflective of holes in security protocols: “Cybercriminals are continuously looking for gaps in security defenses and vulnerabilities to turn a quick profit.”
Of the recent attack, Chenette states: “Knowing that the exposed files in this particular incident consist of sensitive data on various companies that are often involved with government and military operations is especially concerning.”
In terms of more general vulnerabilities for all businesses, Chenette notes: “Organizations that manage large amounts of extremely confidential information need to take more proactive approaches to protect their data from ransomware attacks.”
Such preventative measures include: “mapping organizational capabilities and security controls to specific attack scenarios to measure their preparedness to detect, prevent and respond to these threats.”
In addition, businesses “should also employ continuous evaluation of their existing security controls to uncover gaps before a hacker finds and exploits any weaknesses. Additionally, organizations should do their due diligence in ensuring third-party partners are practicing adequate security measures and extend testing to partners as well. Doing so would minimize the impact of a ransomware attack or even prevent it from happening in the first place.”