Virus Back to Basics Attacks – Wiper – Erase & Destroy
When the first Malware appeared quite a few years ago one of the most common types were Erase and Destroy – Wiper Malware. The actions that these viruses would perform, would be to erase and/or wipe data from hard disks. Attackers who would use this attack angle have the singular purpose of destroying or disrupting systems and/or the daily operations that rely on them and their associated data..
During the past few years, the type of attacks faced by organizations have differentiated to attacks of many shapes and forms. Botnets, Ransomware, Data Espionage etc. but none have been more impactful than wiper attacks. Attackers who deploy wiper malware have no direct financial motivation unlike malware that holds data for ransom (ransomware). For businesses, this often is the worst kind of attack, since there is no expectation of data recovery.
Another crucial aspect of a wiper attack is the fear, uncertainty and doubt that it generates. In the past, wiper attacks have been used by malicious actors with a dual purpose: Generate social destabilization while sending a public message, while also destroying all traces of their activities.
The defense against these attacks often falls back to the basic principles of security. By having certain protections in place — a carefully designed, security aware network, computing and software infrastructure, a tested cyber security incident response plan, a risk-based patch management program, a tested business continuity/disaster plan including a carefully designed archiving system — an organization dramatically increases its resilience against these kind of attacks.
For more information refer to the article by our partner TALOS and download the entire Wiper white paper from their site.