Expert Reaction On DopplePaymer Ransomware Infected The Network Of One Of NASA’s IT Contractors

The operators of the DopplePaymer ransomware have congratulated SpaceX and NASA for their first human-operated rocket launch and then immediately announced that they infected the network of one of NASA’s IT contractors. In a blog post published today, the DopplePaymer ransomware gang said it successfully breached the network of Digital Management Inc. (DMI), a Maryland-based company that provides managed IT and cyber-security services on demand. According to the company’s press releases, DMI’s customer list includes several Fortune 100 companies and many government agencies, among them NASA. It is unclear how deep inside DMI’s network the DopplePaymer gang made it during their breach, and how many customer networks they managed to breach.


EXPERTS COMMENTS
Jamie Akhtar, CEO and Co-founder,  CyberSmart
June 04, 2020
it's important that businesses require their contractors to meet security standards
This breach really highlights the role of the supply chain in high-profile cyber breaches. In 2018, just over half of organisational breaches were caused by third-party vendors. These smaller businesses, without their own security in place, serve as open doors to the sensitive data of their customers. As supply chains become increasingly integrated and complex, it's important that businesses requi ....
[Read More >>]
Chris Hauk, Consumer Privacy Champion,  Pixel Privacy
June 04, 2020
Companies must learn to harden their defences.
In data breaches of this type, the first impulse of any company would be to pay the ransom. However, there is no guarantee that paying a ransom will result in the recovery of data, or in cases like this one, that the data won't be sold or given to hackers for use at a later time. Companies must learn to harden their defences, even going so far as to limit access from the web. While limiting emplo ....
[Read More >>]
Paul Bischoff, Privacy Advocate,  Comparitech
June 04, 2020
Employee records, for example, could be used to vet and recruit individuals working for NASA to spy and steal on behalf of foreign governments.
The theft and ransom of NASA data from a third-party contractor could be dangerous in the wrong hands. This is data that's not just valuable to financially-motivated criminals, but also nation-state actors who want to spy on NASA and its employees. Employee records, for example, could be used to vet and recruit individuals working for NASA to spy and steal on behalf of foreign governments. ....
[Read More >>]
Boris Cipot, Senior Sales Engineer ,  Synopsys
June 04, 2020
The rule to follow is 'Check before you Act'.
There is currently a high level of uncertainty regarding what data has been breached, but based on what has been published to support DopplePaymer's claims, it would seem that many governmental organisations and Fortune 100 companies could be affected. I am sure that DMI is doing all they can to check the verity of these claims and, in the case that they are found to be true, find the cause of th ....
[Read More >>]
Paul Edon, Senior Director (EMEA) ,  Tripwire
June 04, 2020
Remote Desktop Services (RDS) provide IT departments with an effective and efficient method.
Remote Desktop Services (RDS) provide IT departments with an effective and efficient method by which they are able to configure, maintain and manage remote corporate IT assets, so much so that RDS is often seen as a core element of the IT management strategy. The RDS solutions in use today have been developed over many years and with the experience gained from an embarrassing number of security i ....
[Read More >>]
Oleg Kolesnikov, VP of threat research,  Securonix
June 04, 2020
Whether or not this is just an aberration, or a trend still remains to be seen.
In light of the recent successful SpaceX launch breakthrough, the DoppelPaymer release almost seems like an antithesis, but this is exactly what many of the malicious threat actors are about--taking advantage of the victims at times when it could cause the most damage. Based on our monitoring of DoppelPaymer malicious threat actor and the analysis of cadence of the leaks published by DoppelPaymer ....
[Read More >>]
Javvad Malik, Security Awareness Advocate,  KnowBe4
June 04, 2020
It's not just enough for organisations to secure their own systems.
It's unclear as to how the DopplePaymer ransomware gang infiltrated DMI, or how far they actually got. However, it raises the important point of ensuring security throughout the supplier and vendor ecosystem. It's not just enough for organisations to secure their own systems, but they should be conducting due diligence and adequacy checks with all of their partners and suppliers with procedures in ....
[Read More >>]
Chris Clements, VP,  Cerberus Sentinel
June 04, 2020
Businesses should also ensure that they have accounted for the breach of any other organization.
Supply-chain cyberattacks from vendors or business partners can blind-side businesses who haven’t accounted for that potential risk. It’s critical that all organizations perform due diligence on any business partner with access to their data or network. Effective management strategies can include implementing contractual requirements that all vendors or contractors follow information security ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article