When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
ShadowSpear® is an unparalleled resource that defends your organizations against advanced cyber threats and attacks 24/7/365.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
The home appliance company, Whirlpool, confirmed a ransomware attack and explained they will be slowly bringing back systems until all are restored. With a whopping $20 billion in yearly revenue, Whirlpool offers a potentially hefty financial gain for threat actors. Data such as employee benefits, accommodation requests, medical information, and background checks were lifted from Whirlpool. Most threat groups’ primary motives are usually tied to financial profit and lately, larger corporations are being targeted due to this.
The ransomware group responsible for this incident is Nefilim. Nefilim is not necessarily the most active group but has been studied implementing a popular method among them: double extortion. The worrying aspect of having your data published publicly is how harmful it is to your brand’s reputation. Not only can your operations be halted, but data being exfiltrated makes for a more complex issue.
Before double extortion was being used on a regular basis, data was being encrypted, but not always stolen and published. Threat actors realized the incentive for organizations to pay ransoms increased when the data was posted on dark web forums, in addition to being encrypted.
Nefilim’s ransom note contains warnings, “If you do not contact us we will start leaking data periodically in parts.” The evidence shows they’ve begun to leak data with company files titled, “Whirlpool Corporation. Part 1.,” implying more data has yet to be published.
One of our recommendations for preparing for a cyberattack is to have secure backups of all of your data. Why do you need to do this? Well, let’s analyze more of Nefilim’s ransom note. “If you don’t have extensive backups, the only way to retrieve your data is with our software.” This proves our point with precision. Having trusted backups will be an impactful counter to a threat actor who thinks they have leverage by holding your data. Take the time to make sure your organization has done everything it can to be secure, including utilizing a trusted cybersecurity firm.
As threat actors develop their attack techniques, it’s extremely vital to keep up with protection and policies. What will you do when you are faced with a cyberattack and you’re not prepared? This is a question which should be posed to boards and executives continually, until the risks of ransomware are realized, and actions are made to improve them with firms, like SpearTip, and tools, like ShadowSpear®.
The human element in security is a necessity, considering tools can’t guarantee the complete safety of your networks and environments. Our internally developed Endpoint Detection and Response (EDR) tool, ShadowSpear®, works hand-in-hand with our highly technical, certified engineers by stopping potential threats while also providing partners with a completely transparent view of their risk profile.
Identify, neutralize, and counter cyberattacks - provide confidence in your security posture
24/7 Breach Response: US/CAN: 833.997.7327
Main Office: 800.236.6550
1714 Deer Tracks Trail, Suite 150
St. Louis, MO 63131
©2024 SpearTip, LLC. All rights reserved.