Experts Insight On Visser Data Breach (Supplier To Lockheed, Tesla, Boeing And SpaceX)

It has been reported that an American manufacturer which works with SpaceX and Tesla is being extorted by cyber criminals who are leaking documents relating to these companies. The cyber crime group known as DoppelPaymer has already leaked non-disclosure agreements signed between Visser Precision and the Elon Musk-led companies SpaceX and Tesla. More documents stolen from Visser’s network will be released unless the Denver-based firm pays a ransom, the criminals have claimed.


EXPERTS COMMENTS
Alyn Hockey, VP of Product Management ,  Clearswift
March 03, 2020
If ransomware attacks are on the rise again, organisations need to allow password protected documents only from trusted senders.
It has felt like ransomware incidents are ramping up once more, with a number of attacks over the past few weeks. This DoppelPaymer attack has been the most high profile of those, partly because of the organisation being held to ransom - Visser, a parts manufacturer to major brands such as Boeing, Tesla and SpaceX – and partly because of DopplePaymer’s nature. It’s file-encrypting malware wh ....
[Read More >>]
Marco Essomba, Founder,  iCyber-Security
March 03, 2020
Care must be taken to ensure that data is backed up offline so that if an endpoint device is infected, a swift recovery is possible.
Ransomware continues to pose a significant risk to organisations and individuals worldwide because it is a lucrative way for cyber criminals to make lots of money - fast. For these reasons, it is expected that ransomware attacks will continue to grow until the financial incentive is significantly diminished. DoppelPaymer is not different to any other ransomware in that it encrypts data and forces ....
[Read More >>]
Yuki Arbel, VP of Product Management ,  Hysolate
March 03, 2020
There is no practical way to prevent attackers from reaching employees and getting them infected.
For organizations whose main asset is the confidential information that they produce and maintain, data exfiltration is their biggest nightmare. There is no practical way to prevent attackers from reaching employees and getting them infected. The only way to keep confidential information safe is to isolate access to it. Companies that use privileged access to let their employees use one operating ....
[Read More >>]
Brent Johnson, VP InfoSec & Compliance ,  Bluefin
March 03, 2020
This particular ransomware incident is disturbing for a number of reasons.
This particular ransomware incident is disturbing for a number of reasons. First, the hackers deployed the new DoppelPaymer ransomware, which combines malware to initially extract data from documents and then encryption to render the files inaccessible. Second, Visser looks to deal with a number of high profile technology and defense contractors, which could mean that they are now in possession of ....
[Read More >>]
Javvad Malik, Security Awareness Advocate,  KnowBe4
March 03, 2020
This includes patching software, implementing multifactor authentication, and providing regular security awareness and training to employees.
Ransomware such as DoppelPaymer is becoming more favoured by criminals because not only does it encrypt files like conventional ransomware, but also steals the files before doing so. That way, even if the organisation has backups in place, or can resume operations, the threat of leaking or selling commercially sensitive data and intellectual property will remain. Not only does this approach make ....
[Read More >>]
Chris Grove, Product Evangelist,  Nozomi Networks
March 03, 2020
Its role isn’t too hack or defraud directly, but serve as proof someone was hacked, and is in a position of subsequent vulnerability.
Attack methods like DoppelPaymer can prove highly effective because it is not about the type or sensitivity of the data, but the power of the adversary possessing and being able to expose it. Exposed data from a plant would be just as effective at influencing the victim to pay up as data from HQ. Its role isn’t too hack or defraud directly, but serve as proof someone was hacked, and is in a posi ....
[Read More >>]
Oliver Pinson-Roxburgh, Managing Director ,  Bulletproof
March 03, 2020
It’s believed that INDIRK SPIDER was formed in 2014 and its typical MO is to target big businesses with ransomware.
30% of the most recently released tools, according to research from our threat intelligence feed, had ransomware functionality. This shows that the most lucrative and risk free approach for attackers is to hold businesses to ransom using crypto currency such as Bitcoin to provide a largely untraceable way to monetise an attack. Dopplepaymer is ransomware – it’s been called this as it shares s ....
[Read More >>]
Jonathan Knudsen, Senior Security Strategist ,  Synopsys
March 03, 2020
Cybersecurity is a community effort; the only way we’ll make significant gains against our adversaries is through cooperation.
Information crime continues to be a highly lucrative business, as information can be monetised through classic ransomware (a denial of availability) or the threat of leaking sensitive information (an attack on confidentiality). The ongoing situation with Visser Precision highlights the interconnected nature of all businesses. An organisation’s information is valuable, but equally valuable is ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article