The WPP Group was recently thrown into chaos as a number of its companies had to suspend functionalities because of a cyber attack.
The ransomware attack looked like a 'money for safety' deal on the surface as it affected organisations around the world on June 27. However, analysts have been heard passing warnings to the hit companies regarding the safety of their data.
Martin Sorrell, WPP CEO, delivered no indication of any client or employee data being tampered with or stolen. However, many previous attacks that demanded a ransom to free the company network on the surface were caught syphoning data from the back door while everyone was busy arranging for the said ransom, an analyst at Forrester mentioned worriedly.
In addition to advertising giant WPP, Mondelez (the firm that owns Cadbury), Maersk (Danish logistics company), and several Ukrainian government departments were also affected. They were suggested to shut off all machines at once, thus causing a huge dent in their services on the day of the attack and for a few days afterwards.
The virus in question is being called Petya, a Russian virus that was supposedly being sold on the dark web as a ransomware for service. The victim computers’ hard disks were encrypted. To get the key capable of unlocking the hard drive, the attackers demanded cyber currency Bitcoins worth $300 from every victim.
WPP began its journey to go back to normalcy with the help of law enforcers and IT partners right after the attack. While all of its companies weren’t hit and standard functionality was resumed a day after the attack, many WPP geographies (emails, etc.) remained laced with problems until a little later.
Since data grab remains an issue, experts suggest patching the entire network, vigorously updating the system, and looking for any ambiguity or incoherence in the database for every organisation that fell for the ransomware attack.