An announcement posted on the SmarterASP.net website stated that the attack compromised accounts of some of the company’s customers, with the data itself being locked by the attackers. Although the company did not provide details on the attack, some images posted on Twitter showed some files being encrypted with a .kjhbx affix.
Customer data was not the only thing affected by the ransomware attack – SmarterASP.net’s website itself was down for the whole of Saturday, only coming back online on Sunday morning.
According to their published statement, the company was working to prevent a similar incident from happening in the future.
The perils of the software supply chain
Although the attack itself seems mundane in retrospect, what might be more important to highlight here is that threat actors are no longer going after the organizations themselves; they’re also targeting other parts of the supply chain.
In this case, the victim was a service provider for ASP.NET, an ubiquitous developer platform that many companies use to creating web-based applications. This means that the ransomware attack not only caused disruptions to SmarterASP.net, but also compromised the files and data of their customers that were used for development purposes.
To minimize the impact of an incident such as this, it is highly recommended that developers keep backups of their important files and databases — preferably via the 3-2-1 rule. Furthermore, security gaps within the development cycle must also be filled via measures such as network segmentation, which involves separating critical assets in the build and distribution environments from the rest of the network.
Trend Micro solutions
Trend Micro helps development teams build securely, ship fast, and run anywhere. The Trend Micro Hybrid Cloud Security solution provides powerful, streamlined, and automated security within the organization’s DevOps pipeline and delivers multiple XGen™ threat defense techniques for protecting runtime physical, virtual, and cloud workloads. It also adds protection for containers via Deep Security and Deep Security Smart Check, which scans Docker container images for malware and vulnerabilities at any interval in the development pipeline to prevent threats before they are deployed.
Like it? Add this infographic to your site: 1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).