It’s been about a year since NotPetya hit, taking several large businesses offline and wreaking havoc from an operational standpoint. DLA Piper and TNT Express are among the major companies still licking their wounds, with both incurring enormous cost to get their businesses back on track.
Complex Systems Broken Down and Rebuilt
Major law firm DLA Piper essentially had to wipe its systems and start from scratch when NotPetya hit, accumulating 15,000 hours of paid overtime in the process. A two-week investigation into the breach found that the infection was so widespread that no information was salvageable.
A DLA Piper IT representative stated that a flat global network structure contributed to the severity of the breach. He confirmed that the company will segment its network and isolate offices in an effort to contain the spread of any future attacks.
TNT Express, a FedEx subsidiary, has put a dollar value on their June 2017 NotPetya infection. They have estimated losses of 374 million Australian dollars due to compromised business systems and data. The company had to revert to manual business processes in the wake of the attack, which demonstrates the significant reach of NotPetya across networks.
Effectively Defend Your Business from Malware Infection
Two specific measures could have been taken to prevent these far-reaching NotPetya attacks:
Application whitelisting could have prevented the executable file from running to begin with, curtailing the infection before it took hold. Correct implementation of application whitelisting fortifies your networks, allowing you to control exactly which programs can be run in your IT environment and disabling all others. In 2018 and beyond, application whitelisting should be considered an essential online security measure.
It is also imperative for organisations to pay attention to available security patches. In the case of NotPetya, patches were available to organisations prior to the attack but were not applied. Organisations that do not have in-house IT personnel to keep track of available patches can still protect their business through a managed patching service. This level of protection is feasible for medium businesses: by allowing patching professionals to keep track of relevant security threats and exploits, you can effectively stay ahead of hackers looking to invade your networks.