Shipping services firm Pitney Bowes has recently joined the growing ranks of businesses targeted by high-impact ransomware attacks—in their case, the Ryuk virus.
The Ryuk virus has also been named as the culprit in recent data breaches spanning both global and domestic industries, targeting several cities in Florida and Massachusetts, as well as media companies such as Tribune Publishing, and France’s M6 Group. The escalating occurrence and impact of these ransomware attacks triggered a recent FBI advisory, which notes that malware campaigns appear to be increasing in sophistication.
According to statements released by Pitney Bowes, the Ryuk virus did not appear to impact customer or employee data—however, it did disrupt customer access to key services for a period of days.
Pitney Bowes was affected by a malware attack which impacted some systems & disrupted client access to some of our services. We apologize for any disruption to your systems. We are working to restore affected systems. Please visit https://t.co/ixUa5FCGUQ for updates.
— Pitney Bowes (@PitneyBowes) October 14, 2019
With more than 1.5 million clients worldwide (including a list of Fortune 500 companies), Pitney Bowes processes more than 16.5 billion pieces of mail annually and provides “presort” and cataloging services critical to the U.S. Postal Service. Pitney Bowes has yet to detail the extent of the impact on its business; however, one can assume it was significant.
Most targeted businesses opt not to cooperate with ransomware demands, eschewing extorted payment in favor of addressing the impacts of a data breach through other means; still, the financial impact to operations (through loss of customer uptime, advertising revenue, and so forth) combined with the cost of post-attack reparation often far exceeds the payment requested.
In early September, a ransomware attack similar to that at Pitney Bowes impacted Entercom (the largest radio broadcaster in the U.S.). While broadcasting itself was not affected (all stations remained on-air throughout the breach) the malware took internal networks and email servers offline for nearly two weeks.
While Entercom opted not to pay the requested ransom, according to a recent article on RadioInsight, their first-quarter earnings report indicated repair costs which far exceeded the $500k demanded by attackers—in addition to nearly $800k in lost advertising revenue. This aptly demonstrates the potential impact and reach of a similar data breach and underscores the need to proactively manage security risk.
This type of data breach is nefarious by nature. Without effective preventative measures, by the time the threat has been detected, it has already done significant damage. Proactive, anticipatory efforts are required to defend a system against malware and ransomware attacks; however, security professionals often struggle to quantify and communicate the risks.
Here are some actionable steps and guidelines:
The escalating prevalence of malware and ransomware attacks, such as the Ryuk virus infection at Pitney Bowes, indicates that these threats are here to stay. The leverage used by attackers to extract ransom has a direct impact on the business, as it poses an immediate and definable risk to both operational continuity and finances (in the form of direct loss of revenue, as well as potential liability from data exposure).
Pitney Bowes is a backbone service, which means that the potential impact of even a minor breach has a rippling effect. From a business standpoint, security is a type of risk management, and, while unfortunate, the significant risk posed by malware and ransomware attacks offers security professionals an opportunity to quantify potential exposure as a direct impact on the business.
Security professionals can communicate (and justify) comprehensive risk management and mitigation more effectively by presenting the projected operational and financial impact. As these events become more common, preparation becomes ever more essential to risk mitigation, and to the overall structure and execution of your security strategy.