Data storage giant Western Digital reported that hackers had gained access to company systems and data in an ongoing cyber attack that began last week. The company said its IT team initially discovered the network security incident on March 26.
The hackers had been able to steal data, the statement said, but western digital is determining how much was taken.
Western Digital, is best known for portable hard drives and removable memory cards, including the SanDisk brand. The product involves home storage hardware with Internet features. Upon discovering the incident, the company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensics experts.
Western Digital took systems and services offline, and said it is trying to restore the affected network infrastructure but warned that disruptions to business operations may continue for an undisclosed amount of time. Since the attack users of the company’s my cloud service have reported issues accessing their accounts. Conceivably hackers could contaminate processes and products to pass on system contamination.
What to do?
Encourage employees to exercise extreme care and run virus scans before using any external storage devices.
Run the (Microsoft) PowerShell query on your Exchange server to check for specific events in the Event Log (to detect compromised systems).
Ensure your firewall and anti-virus/anti malware is up to date and operational.
Only download from established and trusted sources.
Don’t frequent third-rate forums and download files or accept access when files are download.
What can you do when this happens to you?
If you find your network has been compromised, immediately shut down.
Identify the breach and type of virus or malware present.
Identify any data which might have been compromised or stolen and inform appropriate parties.
Rebuild the network from a known clean backup.
Jonathan Greig, The Record
SanDisk maker announces ongoing cyberattack after data stolen by hackers (