The SHAMOON Virus is Back and it is Preventable
January 26th, 2017
If enterprise security is so important, why aren’t more companies doing it better? Every day we read articles about a hack or breach that, in many cases, could have been mitigated with simple best practices. It’s time to stop worrying about how much work it will take to secure the enterprise and more about what happens when you don’t.
Shamoon is back!…
Case in point. As reported in a recent U.S.News article, the Shamoon Virus (aka W32.DistTrack), first discovered by Seculert in 2012, made its return. The virus is highly destructive to infected systems and can easily transfer over networked devices. It has one purpose – cyber espionage – something every company in the world understands the impact of. It is also preventable.
… and preventable
Because Shamoon requires the use of an administrative account to infect a system, implementing least privilege, part of privileged access management, negates its ability to gain a foothold. This is a core competency of BeyondTrust. Our PowerBroker for Windows, Unix/Linux and Mac solutions assist with the operational roadblocks enterprises hit when removing admin rights from users.
Attackers have also been known to steal admin credentials to use with Shamoon. Understanding which users have access to these credentials and under what conditions is a fundamental component in preventing this, and other breach attacks. PowerBroker Password Safe addresses this need by controlling access to accounts and systems within your network, and identifying misuse.
To prevent the effects of Shamoon and Shamoon-like attacks, consider a step-wise deployment of privileged access management solutions, targeting your most at-risk accounts and users first. Download our free privileged account discovery tool and start scanning for at-risk accounts. Then, check out our guide to help you get started on your privileged access management path.
If going to the Shamoon isn’t in your travel plans, contact us today.