Pitney Bowes, a global package delivery giant, has been hit by a second ransomware attack in less than seven months, according to ZDNet. Those behind the attack have released screenshots depicting directory listings from inside the company's network.
What is Maze ransomware and what makes it so special?
Maze is a sophisticated strain of Windows ransomware that has hit several companies around the world, demanding cryptocurrency payments in exchange for recovering encrypted data. Like any other ransomware, Maze spreads through a corporate network, infects the computers it finds, and encrypts the data.
In what has been observed as a double extortion attack, the attackers steal the data they find, exfiltrate it to malicious servers, and then demand a ransom for the safe recovery of the data. This makes the Maze ransomware attack a deadly combination of a ransomware attack and a data breach.
While recovering data from a secure backup may seem like the solution, the fact that attackers now have a copy of your organization's data cannot be overlooked.
What might happen if you ignore their demands?
Attackers now have access to your organization’s sensitive data. If their demands are not met, attackers can:
Release information about the security breach to the public and media.
Impact the value of your stocks by revealing sensitive pricing information.
Threaten your customers and partners with their information.
Who are their targets?
So far, Maze ransomware has targeted the IT and healthcare sectors, professional security services, and law firms. News about the attacks and evidence supporting their claims are posted on the attackers’ official website.
How do hackers get into your network?
Attackers use a variety of techniques to compromise your network. These can include exploiting known vulnerabilities that have not been patched, using remote desktop connections with weak passwords, and sending malicious emails or links.
Best practices to mitigate the risks associated with the attack
Some best practices that can help mitigate the risk associated with the attack are:
Back up data using the 3-2-1 backup rule. This means having at least 3 copies in 2 different formats, with 1 copy stored off-site.
Patch and update applications and programs regularly. This will ensure that entry points for potential ransomware attacks are blocked.
Be vigilant against social engineering emails. Ransomware attacks are often spread as spam attachments.
Verify that firewalls and intrusion prevention have been enabled on your network.
Deploy a comprehensive log management solution that can monitor your network and provide out-of-the-box reporting.
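An added example, not part of the original article: the log-monitoring practice above applied to the weak-password remote desktop entry point, as Python run over a constructed CSV export of Windows Security events. The column layout, thresholds and function name are assumptions; event IDs 4625 and 4624 and logon type 10 are the standard Windows values.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample (not real data): time,event_id,logon_type,source_ip,account
SAMPLE_LOG = """\
2020-05-11T02:14:01,4625,10,203.0.113.50,administrator
2020-05-11T02:14:09,4625,10,203.0.113.50,administrator
2020-05-11T02:14:17,4625,10,203.0.113.50,administrator
2020-05-11T02:14:25,4625,10,203.0.113.50,admin
2020-05-11T02:14:33,4625,10,203.0.113.50,svc_backup
2020-05-11T02:14:41,4624,10,203.0.113.50,svc_backup
2020-05-11T08:59:12,4625,10,198.51.100.7,jsmith
2020-05-11T08:59:30,4624,10,198.51.100.7,jsmith
2020-05-11T09:03:00,4625,2,-,kiosk
"""

FAILED, SUCCESS = "4625", "4624"  # Windows Security log: failed / successful logon
REMOTE_TYPES = {"10", "3"}        # 10 = RemoteInteractive (RDP), 3 = Network (RDP with NLA)


def find_rdp_guessing(log_text, threshold=5, window=timedelta(minutes=10)):
    """Alert on sources with >= threshold failed remote logons inside window,
    and record the first account that logs on successfully afterwards."""
    rows = [r for r in csv.reader(io.StringIO(log_text)) if len(r) == 5]
    rows.sort(key=lambda r: r[0])  # ISO 8601 timestamps sort chronologically
    recent = defaultdict(list)     # source -> failure times still inside the window
    alerts = {}                    # source -> alert record
    for ts, event_id, logon_type, src, account in rows:
        if logon_type not in REMOTE_TYPES:
            continue               # local/console logons are out of scope here
        when = datetime.fromisoformat(ts)
        if event_id == FAILED:
            recent[src] = [t for t in recent[src] if when - t <= window] + [when]
            if src in alerts:
                alerts[src]["failures"] += 1
            elif len(recent[src]) >= threshold:
                alerts[src] = {"source": src, "first_alert": ts,
                               "failures": len(recent[src]), "success_after_burst": None}
        elif event_id == SUCCESS and src in alerts:
            if alerts[src]["success_after_burst"] is None:
                alerts[src]["success_after_burst"] = account
    return list(alerts.values())


if __name__ == "__main__":
    for alert in find_rdp_guessing(SAMPLE_LOG):
        print(alert)
```

A non-empty success_after_burst is the case to escalate first: the account should be disabled and its sessions reviewed, since a successful logon after a failure burst suggests a guessed password rather than a mistyped one.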