Marketron Suffers BlackMatter Attack, Shuts Down All svcs. – 5 Experts Comment

Free Services to help you during COVID-19 Learn More

Support Request a Demo Contact Us Blog
Business Data Breach

Expert(s): ISBuzz Staff | Informationsecuritybuzz.com »

BACKGROUND:

Inside Radio is reporting: Marketron Hit With Cyberattack. Virtually All Of Its Systems Are Offline. Marketron manages $5 billion in annual U.S. advertising revenue. Service to all 6,000 customers has been shut down, all services offline. CEO Jim Howard told customers Sunday night of a breach by “the Russian criminal organization BlackMatter.” Updated company breach announcement here.  Five of our experts commenting below.

EXPERTS COMMENTS
Saryu Nayyar

| September 21, 2021

Saryu Nayyar, CEO, Gurucul

BlackMatter strikes again, this time hitting Marketron, a firm that manages billions of dollars of ad revenue.  BlackMatter, which also attacked tech giant Olympus a couple of weeks ago, and whose code was used in the Colonial Pipeline attack, is going after big targets and certainly attempting to get a great deal of return on its ransom.

We still seem to be on the upswing in terms of the frequency or cost of ransomware, with no clear path to remediation. Marketron responded relatively quickly to this attack, but still wasn’t able to prevent it, and it’s not clear that they have a remediation alternative. This fact argues for even earlier recognition of a ransomware attack through real time data collection and analysis so that there is little or no delay in response.

 

| September 21, 2021

Ron Bradley, vp, Shared Assessments

This one looks pretty big. I say “one” because details from the company are intentionally sketchy and there is nobody even saying that this is ransomware, data exfiltration, or any of the other types of cyber scourges thwacking businesses like Marketron these days. It is also telling that “Howard said the company is communicating with both BlackMatter and the FBI” and, sadly, the Russian criminal organization is listed first in the call tree.

Robust risk assessments, phishing training for users and protections for systems, quality data backups with regular testing, and telling your representatives the US needs harsh sanctions against Russian cyber criminal groups could help in these regularly reoccurring scenarios.”

 

| September 21, 2021

Garret F. Grajek, CEO, YouAttest

It’s not just the health care and financial sectors that are at risk from cyberattacks. The scanning tools the hackers use are vertically agnostic – and are looking for vulnerabilities in our systems. The APT  (Advanced Persistent Threat) malware they plant in the systems allow them to enumerate our systems and discover what is running, and then matching to known and published CVEs (Common Vulnerabilities and Exposures). With this information the attacker can exfiltrate whatever data they wish for a ransomware attack – or can shut the systems altogether.

The key to mitigate these attacks in security alertness though immediate vulnerability patching and to practice identity vigilance though account reviews and privilege escalation triggers.

 

| September 21, 2021

Matt Lawrence, Director of Detection and Response, F-Secure

This one looks pretty big. I say “one” because details from the company are intentionally sketchy and there is nobody even saying that this is ransomware, data exfiltration, or any of the other types of cyber scourges thwacking businesses like Marketron these days. It is also telling that “Howard said the company is communicating with both BlackMatter and the FBI” and, sadly, the Russian criminal organization is listed first in the call tree.

Robust risk assessments, phishing training for users and protections for systems, quality data backups with regular testing, and telling your representatives the US needs harsh sanctions against Russian cyber criminal groups could help in these regularly reoccurring scenarios.

 

| September 21, 2021

Doug Britton, Ceo, Haystack Solutions

This is another stark reminder that criminal organizations are evolving in their technological sophistication and even large orgs with significant resources cannot keep pace. The best defensive posture organizations can take is to develop their own cybersecurity teams. Even if network monitoring and security services are outsourced and expert consultants or response teams analyze the failure, the criminals continue to move forward and the cycle repeats.

The focus needs to be on developing cyber teams that have an intimate understanding of the organization’s computing infrastructure and are tasked to protect it with vested interest. We have the technology to find folks even in a tight labor market. We need to get them into the fight or we’ll continue to see this threat until corporate cyber defense is on par with the pace of criminal efforts.

Marketron Suffers BlackMatter Attack
External Link: Marketron Suffers BlackMatter Attack, Shuts Down All svcs. – 5 Experts Comment

Share this page:

Related Posts