No rain suit could weather the storm...
Now their assets are in bind.
Pressed hard, there was little choice left, but to choke on fulfilling orders...
The owner of the Dettol brand and Durex condoms could be left millions out of pocket after falling victim to the NotPetya ransomware last week. The malware attack, which centred on Ukraine but also affected several multinationals worldwide, disrupted production and deliveries at UK-based Reckitt Benckiser, a consumer goods …
The fact that these are very large companies may indicate that they have offices in many places in the world. My guess is their offices in Ukraine (which have to follow local accounting rules and will likely use local software for this purpose) got infected first, then the infection spread over the company-wide network. Could be local sales, warehouses or production facilities, does not really matter which.
This is why they think it is a state actor, NotPetya was crippled to *not* attempt to spread via the internet, and only propagate itself to machines in the same private network. The initial infection vector for the private networks was via a dodgy update of MeDoc, which is mainly/solely used within Ukraine. The intention was (probably) to cripple Ukrainian companies.
Multinationals who have offices in Ukraine, and are required to use MeDoc, got infected in their Ukraine offices, which then spread outside the couuntry via internal network links.
For a company with such a high revenue / profit, where was there DRP/BCP.
Outside of Exchange or Database applications it's hard to imagine what connexions were open between multi-sites that allowed for propagation of the virus!!!
As they saying goes : Protect yourself first then start taking care of others .....
Estimated losses of £100 million so far and a 7% reduction in value in the past month.
Any company that hasn't prepared a decent DRP by now should so, before it's their turn. If you think risk acceptance will save you, you are sadly mistaken.
The most common beginning to a disaster is a sense of security.
Gaius Velleius Paterculus approx. 30 AD
We have a VPN tunnel between main office and remote office.
We blocked all ports except remote desktop protocol. And the RDP servers sit on a different subnet.
So it should be good enough to block any nasty malware from spreading from here to there, or from there to here.
Only time will tell.