Cybersecurity “Flash” Warning for Construction and Manufacturing Businesses

March 24, 2021

On March 23, 2021, the FBI’s Cyber Division issued a “Flash” warning for several business sectors, including industrial, commercial, manufacturing and construction businesses.  The FBI is warning that a strain of ransomware, known as “Mamba,” has been used to weaponize a widely-used encryption software known as DiskCryptor.  Mamba works through the open-source DiskCryptor program to encrypt a company’s operating system and demand ransom payment.  This new ransomware attack is a threat to any business which employs DiskCryptor, specifically manufacturing and construction companies.

What Should I Do?

If your company utilizes DiskCryptor, the FBI suggests a number of recommendations to mitigate and ward off any ransomware attack.  Most of these suggestions fall within the guidelines of proper cyber hygiene, and include (but are not limited to) the following:

  • Regularly back up data, as well as copies of data;
  • Segment your network;
  • Request administrator credentials to install software;
  • Implement a recovery plan;
  • Patch operating systems, software and firmware as soon as patches are released;
  • Use multifactor authentication;
  • Regularly change passwords;
  • Audit user accounts;
  • Install and update anti-virus and anti-malware software;
  • Only use secure networks and avoid public Wi-Fi; and
  • Train users and raise awareness.

Even if you do not use DiskCryptor, taking these actions will help mitigate any future ransomware attack, regardless of origin.

How Can We Help?

The Privacy and Data Security Team at Newmeyer Dillion stands ready to assist you in preparing for any cyber incident, including the very real threat of ransomware.  As ransomware continues to spread, the need for proactive and preventative measures increases.  We can assist with a wide range of activities, including:

  • Cyber Risk Management
  • Employee Training
  • Incident Response Planning
  • Disaster Recovery Planning
  • Breach Coaching and Recovery
  • Cyber Liability Insurance Placement

Please do not hesitate to contact us with any questions or concerns regarding this recent FBI warning, or any other cybersecurity or privacy concerns.  We can be reached at (949) 954-7000, or e-mail me directly at [email protected].