M.E. Doc, a Ukrainian tax software company, will face charges due to their vulnerable network infrastructure, which was at the center of the ExPetr ransomware outbreak last month. After being warned by private security firms, M.E. Doc failed to secure their own infrastructure. As a result of this negligence, thousands of computers were compromised and M.E. Doc is now facing criminal charges. The hackers were able to upload their malware into M.E. Doc’s vulnerable network, and from there the outbreak penetrated victims’ networks by posing as a system or software update to M.E. Doc’s product. Once opened, the malicious update was disseminated across the country.

M.E. Doc employees had reportedly blown off warnings about the security of their systems and, because of this, spread the ExPetr ransomware to thousands of computers, including government software. The attack left devices crippled from the U.K. to the United States, even hitting major companies such as FedEx, Cadbury, and Merck. Col. Serhiy Demydiuk, head of Ukraine’s national Cyberpolice unit, spoke with AP News about the incident and will be pursuing criminal charges against M.E. Doc for their part in the spread of the ransomware.

“They knew about it,” he told the AP at his office. “They were told many times by various anti-virus firms. … For this neglect, the people in this case will face criminal responsibility.”

M.E. Doc is fully cooperating with authorities and is working with Cisco specialists from Europe and America to get their networks back online. After the attack, researchers fully analyzed M.E. Doc’s infrastructure and were shocked at what they found. M.E. Doc’s central update servers were running outdated FTP software, which had an outstanding vulnerability easily exploited by public hacking software. The presence of this outdated software has left security specialists baffled as to why nothing was done prior to the attack, even after the company had been warned by private security firms. The extent of the damage is still unknown, as many companies are still recovering from the attack.

The security of your company’s infrastructure cannot be stressed enough. In the case of M.E. Doc, it was not just their network that was compromised by their poor security practices, but thousands of others. GraVoc offers information security services including Risk Management, IT Assurance, and IT Audits to help prevent information technology attacks BEFORE they happen. Feel free to reach out to a certified information security specialist to analyze the vulnerabilities and threats surrounding your business.
