What has the UK’s Weir Group cyber-attack taught us?
A UK-based engineering company Weir Group admitted to having suffered a massive cyber-attack in the second half of September, with losses estimated at £40 million.
The enterprise was hit by a ransomware attack, where threat actors usually capture sensitive information to demand monetary compensation. These types of attacks have accelerated over the past two years, with 2020 cited as the worst ransomware year ever experienced.
According to Weir Group, their cybersecurity systems promptly identified and responded to the attack by shutting down some of their core operations, including engineering and manufacturing.
"Action (taken) to protect our infrastructure and data has led to significant temporary disruption but ... managed to minimise the impact on our customers," said Chief Executive Officer Jon Stanton as reported by Reuters.
As of now, the company has not recorded any leakage of sensitive information, but the investigation into the nature of the attack remains ongoing.
“We are continuing to liaise with regulators and relevant intelligence services. Weir confirms that neither it nor anyone associated with Weir has been in contact with the persons responsible for the cyber-attack,” Weir shared in a statement.
Weir Group has updated its full-year guidance, with the revenue losses estimated to be between £10 and £20 million following the incident in the fourth quarter, and the costs towards overhead under-recoveries accounting for another £10 million - £15 million, according to Mining.
Should you pay a ransom?
To pay or not pay is an ongoing debate when it comes to ransomware attacks, and the answer would mainly depend on who you ask.
Law enforcement would advise not to succumb to criminals’ demands as it only encourages them to continue using this tactic, but rather report the incident to local authorities and let them handle it. They can then proceed to use decryption tools to retrieve your information, although there are usually no guarantees of success.
However, how do you approach ransomware attacks on critical infrastructure companies or small businesses with limited cybersecurity resources? In these cases, both experts and insurance companies agree that paying a ransom might be the only way out. Yet again, there are still no guarantees that criminals will follow through.
Even though there are talks about the new law that would forbid paying a ransom altogether in certain locations, there are many issues to be solved first, including finding viable ways for victims to quickly restore their data.
Investing in appropriate defenses is your best chance
While the Weir Group incident illustrated that even with cybersecurity measures in place, ransomware attacks could cost their victims millions, adopting strong security solutions is the best way of minimizing losses and costs.
Make sure to patch your OS, download a reliable VPN, and train the employees on the topics of phishing and ransomware. You might be surprised to learn that people are your first line of defense, so ensure that they are well educated about cybercrime.
More from CyberNews
Subscribe to our newsletter