The FBI has issued a warning to businesses regarding the potential for cyber-attacks using data-wiping malware also known as wiper malware.
The FBI warning (Reuters report) describes how the same malware used in a recent attack against Sony Pictures can be used against other businesses in the future. Sony’s cyber-attack resulted in the leak of several unreleased motion pictures, financial information, emails and even casting details for movies still in production.
Now the interesting part. One of the leaked films is “The Interview” which has a plot to assassinate the supreme leader of the Democratic People’s Republic of Korea, Kim Jong Un. Many are speculating that North Korean hackers may have been responsible for the incident however nothing has been confirmed.
In the FBI warning, they specified how this malware is capable of overriding all data on hard drives including the master boot record (MBR) and the boot code needed to run an operating system.
Wiper malware has not yet been target at U.S based businesses however it has been directed at companies in the Middle East and Asia. Attackers used the Shamoon malware to target Saudi Arabia-based oil firm Saudi Aramco in 2012, which crippled tens of thousands of systems at the company by destroying MBRs after stealing valuable data.
So how do you protect yourself from wiper malware?
There are multiple ways to handle this and it all starts with proper risk management. Most IT security experts will advise companies to implement segmented networks to isolate important data. This stored data on the network should be backup up daily. Isolate important intellectual property and use remote desktop software to access it. This will add a layer of security that makes it more difficult for hackers to attack.
All businesses need to keep up-to-date backups locally and offsite. Valid backups of data are essential so if your systems get wiped, you can turn to backups. Continual offsite data backups are critical for any organization.
As we operate as vCIO for many clients, the team at 365 iT SOLUTIONS is responsible for full-time strategic IT analysis and management of their networks. As part of our responsibility, we lay out an IT budget, prepare businesses for future technology and provide regular reports on the network’s health and security status.
But most importantly, we implement a business continuity plan which addresses threats such as wiper malware. By combining all our services including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services, we are able to protect our client networks proactively.