An aerospace and industrial manufacturer has become the latest firm to have sensitive internal documents published online by ransomware attackers.
Visser Precision, which makes parts for Tesla and SpaceX as well as defense contractors Boeing and Lockheed Martin, was hit by the DoppelPaymer variant, according to security vendor Emsisoft.
The hackers have apparently already published NDAs the firm signed with Tesla and SpaceX, and product-related plans.
DoppelPaymer has already been deployed against various targets including the government of Canadian territory Nunavut and Mexican state petroleum giant Pemex.
Publishing stolen data is an increasingly common tactic for cyber-criminals keen to force their victims into paying a ransom, even if the latter have already backed-up their systems according to best practices.
Rapid7 principal security researcher, Wade Woolwine, argued the case highlights the importance of conducting full incident investigations for all security breaches.
“In ransomware situations, organizations typically focus on restoring normal business operations at the expense of conducting a full investigation,” he added.
“At the very least, victims should determine what volume of network data was transmitted by the infected hosts, and to where. This will help establish whether there might have been data exfiltration and justify additional technical investigation like forensics and malware analysis.”
Jonathan Knudsen, senior security strategist at Synopsys, argued that organizations increasingly need to reach out to their supply chains to ensure security best practices are being observed.
“How can you defend against such attacks? Obviously, the first priority is getting your own house in order. Adopt good security practices, educate your employees and plug all the holes in the dam,” he said.
“Beyond that, it’s in your own best interests to make sure your vendors and your customers are doing the same. Ask your partners what they’re doing about cybersecurity. Share best practices, techniques and tactics. Cybersecurity is a community effort; the only way we’ll make significant gains against our adversaries is through cooperation.”