The first screenshot of Symantec Endpoint Protection Manager appears to indicate a licensing issue with protection being disabled on 42 end-points.
But the second appears to show protection was disabled only on one end-point, probably the view from one of the 42 end-points that were unprotected.
The attackers also pointed to the fact that the software was up-to-date at the time of the attack, obviously raising the question about whether the protection provided was sufficient.
|
The ransomware used in this attack was NetWalker, another one of the multitude that works only on Microsoft's Windows operating system.
CSAT has offices in Houston, Texas, and Salem, New Hampshire. iTWire has contacted CSAT for comment.
With this attack, NetWalker has now been used in 10 attacks this year that have been deemed worthy of being reported.
These include attacks on Italian energy giant Enel, Indiana-based KYB Corporation, the biggest supplier of OEM automotive equipment to companies around the globe, data centre giant Equinix, US security software-as-a-service provider Cygilant, Australian workforce design and delivery firm Tandem Corp, and Jands, an Australian company that distributes some leading audio, lighting and staging brands for installation, production and retail industries throughout Australia and New Zealand.
Another attack of note was on Forsee Power, a company that designs and manufactures smart lithium-ion battery systems for electro-mobility markets, with an eighth being on Trinity Metro, a regional transportation authority of the state of Texas.
Prior to that the University of California in San Francisco admitted it paid US$1.14 million (A$1.56 million) to a gang that used NetWalker to attack its systems. A tenth case was that of Australian customer experience firm Stellar, that also operates across Asia, North America and Africa.