Businesses around the world are reeling from “Petya,” the latest global ransomware attack, which reached at least 80 large companies and thousands of computers on Tuesday.
The Petya ransomware attacked networks that use Microsoft Windows, exploiting a vulnerability in its software, similar to how the WannaCry virus infected systems just weeks ago, The Guardian reported.
But while big companies suffered, small-to-medium-sized businesses are even more vulnerable to these kinds of attacks because of their limited financial resources.
With less money comes less robust security infrastructure, experts have said.
WATCH: Cybersecurity expert discusses global reach of latest ransomware attack
“A lot of enterprises have enterprise tools that they can use to readily patch all their systems in a timely manner,” said Razmik Ghanaghounian, a senior IR analyst from IBM’s Incident Response and Intelligence Services team.
“Those smaller companies don’t have the necessary skill-sets, resources or the financial costs associated with implementing great infrastructure or support.”
And because of these security discrepancies, smaller businesses may have a harder time recovering after being hit by a widespread ransomware attack, Ghanaghounian added.
WATCH: What was behind Tuesday’s global cyberattack?
“Many businesses just say, we’ll cut our losses and start from scratch. We learned our lesson and we’ll make sure we patch,” he explained.
Large businesses will often have whole teams of employees dedicated to monitoring its systems for security flaws and immediately addressing any vulnerabilities, said Kurt Roemer, chief security strategist for Citrix.
Small businesses, he said, likely don’t have that luxury.
“Many small businesses might hire a consultant who does security as a percentage of what they contribute but definitely doesn’t have those resources behind them,” Roemer said.
Businesses that patched their systems since then were likely protected from the most recent attacks, Ghanaghounian and Roemer said.
WATCH: Sophisticated cyberattack cripples computers across the globe
“Microsoft would have released the updates that would have prevented this attack in March. These are definitely preventable events,” Roemer explained.
Since Petya made headlines on Tuesday, experts have questioned whether data destruction was its true goal, rather than ransom money.
According to Roemer, the email provided by the attackers to those affected was disconnected by the ISP that was hosting the email address, cutting off all communication.
-
![]()
Cybersecurity expert credits British man with saving U.S. from ‘WannaCry’ cyberattack -
![]()
Cyber threat fears lead Feds to exclude e-voting in future elections -
![]()
Fears over cyber threats lead Feds to exclude e-voting from future elections -
![]()
Fears over cyber threats lead Feds to exclude e-voting from future elections -
![]()
What can Canada do to thwart cyberattacks against democratic processes? -
![]()
Cyberattackers targeted 2015 federal election, did not impact result -
![]()
UNB to partner with Canadian Forces on cybersecurity -
![]()
Federal government makes cyber warfare priority -
![]()
Cyber warfare key element in new defence policy: Garneau -
![]()
Hackers posted personal data after Cowboys Casino was hit by a cyber attack.
“So even if you did pay the ransom there was no way to go ahead and get your key to unlock,” Roemer said. “So it’s really a tough situation because people who thought they’d just be able to pay the ransom and get their data back — can’t.
“There’s been lots of reports about this ransomware really not being about ransom at all and being more about data destruction,” he explained.
Roemer added that while small businesses may have a tougher time recovering after such infections, corporations of all sizes have plenty to lose if they find themselves in the throes of a ransomware attack.
“There are businesses that will be down for weeks as they completely have to redo their infrastructure, every endpoint, every connection, re-verify all their data. That’s a substantial amount of disruption. And unfortunately, this attack was completely preventable,” he said.
To protect themselves ahead of time, Roemer recommends that smaller to medium-sized businesses switch to cloud-based data storage, meaning that businesses don’t have to maintain the infrastructure on their own.
Small businesses can also benefit from low implementation costs. Enabling automatic updates could ensure that small businesses with fewer workstations are always up to date.
Ghanaghounian and Roemer also agreed that creating reliable, frequent backups is the best way to help businesses recover quickly after they’re hit by cyberattacks.
Roemer said businesses need to realize the next major cyberattack may not be too far away.
“Have this be a wake-up call that there’s going to be another one coming around that’s even worse,” he said.
Comments