The Russian cyberattacks on Ukrainian organizations reminds us that the attacker isn’t always looking to steal data or extort money. Sometimes they just want to cause as much damage as possible. Both Microsoft and Mandiant recently released information about these destructive attacks and how to better protect against them.
Regardless of geographic location, all of us can learn from how these attacks occur and are mitigated. The attacks were extreme in their destruction. As Microsoft noted in its blog, “The malware in this case overwrites the MBR [master boot record] with no mechanism for recovery.” This leads the system to be unbootable and unrepairable without a full reinstall or recovery from a full backup of the system. Thus, the first lesson is to ensure that you have the tools and resources to either fully redeploy your workstation images or have a full ability to recover your platforms.
The Russian cyberattacks on Ukrainian organizations reminds us that the attacker isn’t always looking to steal data or extort money. Sometimes they just want to cause as much damage as possible. Both Microsoft and Mandiant recently released information about these destructive attacks and how to better protect against them.
Regardless of geographic location, all of us can learn from how these attacks occur and are mitigated. The attacks were extreme in their destruction. As Microsoft noted in its blog, “The malware in this case overwrites the MBR [master boot record] with no mechanism for recovery.” This leads the system to be unbootable and unrepairable without a full reinstall or recovery from a full backup of the system. Thus, the first lesson is to ensure that you have the tools and resources to either fully redeploy your workstation images or have a full ability to recover your platforms.
More Stories
Midnight Blizzard Targets European Diplomats with Wine Tasting Phishing Lure
Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes,...
Age Verification Using Facial Scans
Discord is testing the feature: “We’re currently running tests in select regions to age-gate access to certain spaces or user...
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the...
Senators Urge Cyber-Threat Sharing Law Extension Before Deadline
Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years Read More
Identity Attacks Now Comprise a Third of Intrusions
IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en...
Microsoft Thwarts $4bn in Fraud Attempts
Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use Read More