2 min read

Tally of GoldenEye"s damage to corporate earnings reaches half a billion dollars

Filip TRUȚĂ

August 18, 2017

Tally of GoldenEye"s damage to corporate earnings reaches half a billion dollars

June”s GoldenEye (Petya/NotPetya) ransomware contagion crippled power distributors, pharmaceutical companies, banks, advertisers and even law firms, sparing no organization running a vulnerable infrastructure. Earning reports from several affected companies now reveal just how much the attack damaged some industries.

Despite the widely accepted theory that GoldenEye was deployed mainly to shake up Ukraine, it now appears the ransomware could have fetched a handsome sum for its authors, had they not been so clumsy with their end of the bargain – decrypting victims” data.

HelpNetSecurity has compiled an short list of companies that have (so far) confirmed the extent of the financial damage inflicted in June”s cyber-attack.

The losses

Following the attack, Danish shipping giant A.P. Møller-Mærsk was forced to commission a major shutdown of its systems, freezing its container business for long enough to cause hundreds of millions of dollars worth of damage.

“We expect that the cyber-attack will impact results negatively by USD 200-300m,” CEO Søren Skou said.

Construction materials manufacturer Saint-Gobain reports similar adversity. In a press release disclosing its first-half results for 2017, the company reveals that GoldenEye caused such massive disruption to its operations that it took two weeks to return to normal.

“The cyber-attack is estimated to have had a negative impact of €220 million on first-half sales and of €65 million on first-half operating income,” the company said. “Over the full year, the negative impact is estimated at less than €250 million on sales and €80 million on operating income, with July including additional losses in some businesses in the first few days of the month, a claw-back of June sales, and costs associated with re-starting operations.”

Mondelez International, a multinational confectionery, food, and beverage company saw its net revenues drop 5% due to a GoldenEye infection. It gave no precise estimate of the damage.

American pharma company Merck was equally unable to quantify the losses, but said it is working hard to “minimize the effects.”

Between the four of them, these organizations alone have reported up to half a billion dollars worth of damage to their industries. Considering that this is just a fraction of the companies that reported getting infected with the GoldenEye ransomware, we can only imagine the total damage at a global level.

All it ever needed was one vulnerable computer

Big organizations are compelled to disclose losses to stakeholders, which ultimately causes reputation damage too, further deepening the dent in their business. Companies big and small are increasingly aware that running vulnerable systems can cause irreparable damage. With several major attacks occurring this year alone, CIOs and CTOs everywhere need to radically rethink their investments in cybersecurity.

GoldenEye used the EternalBlue exploit that was leveraged by WannaCry, as well as a second exploit called EternalRomance, to act like a worm and replicate laterally, infecting entire networks of computers in seconds.

And a credential dumping tool let the ransomware infect even non-vulnerable systems by gaining administrator rights – all it ever needed was a single vulnerable system.

tags


Author



Right now

Top posts

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

The Perils of Online Dating: Spotting Romance Scammers Before They Break Your Heart and Your Bank Account The Perils of Online Dating: Spotting Romance Scammers Before They Break Your Heart and Your Bank Account
Alina BÎZGĂ

August 05, 2021

3 min read
Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux Google Fixes Five High-Severity Flaws in Chrome 92 for Windows, Mac and Linux
Filip TRUȚĂ

August 05, 2021

1 min read
Google Drops All Support for Android 2.3.7 and Older Google Drops All Support for Android 2.3.7 and Older
Silviu STAHIE

August 04, 2021

1 min read