A hacker is looking for $5M from Petroleos Mexicanos or PeMex for short - by Novener 30th. This from an unknown hacker who uses the name “Joseph Atkins” in their email address.

The person also said his group’s hacks aren’t limited to the oil sector and suggested they were responsible for a previous cyberattack on Roadrunner Transportation Systems Inc., a truck freight transportation services company based in Wisconsin. “They did not pay and recovered themselves, and left us GB’s of their data,” the person said, in broken English.

While the company is minimizing the impact of the attack – employees are saying there are still many affected systems.

The offending malware at first appeared to be the notorious Ryuk strain often used by cyber crooks against high value targets but some cyber pros said the attack had the earmarks of the DoppelPaymer malware, which has also been linked to high value targets.

In one Pemex office building, entire floors of computers were wiped out.

Pemex is currently wiping infected servers and installing patches.

The challenge for PeMex is they are forced to wipe all of their infected computers and those which are questionable as well.

This is causing unimaginable business disruption.

Rebuilding servers is a nontrivial task and each could take hundreds of hours each – depending on the variance between each server. Then there are the PCs. The company has 128,000 workers! Certainly, all haven’t been infected but the mind boggles at the amount of time needed to wipe that many machines. We would estimate 90 minutes or perhaps more per machine!

Worst case scenario – assuming every worker had one PC is 5,760 man years!

Here is the challenge…

Companies need to realize cybersecurity is even more important than physical security.

It is common for business owners to think a person needs to come into their office to hack them – not understanding how easy it is for a hacker to spread infections via the internet.

They can send phishing emails virtually for free via email lists they find on the dark web or even legitimate websites.

They can target high-value executives at corporations – knowing they can extract a huge ransom – from a Fortune 1,000 or hospital.

More recently, they use marketing automation – the same tools used by global marketing departments to more effectively target potential victims within organizations.

One of the biggest issues for corporations is all the hacks of banks and email providers, allowing hackers to easily search for personal information on their workers. They can then use this to impersonate the employee to get into their accounts. This becomes excessively easy if users utilize the same passwords for all their accounts.

But sadly, it is easier to just send a custom email at the target with something they will consider valuable and likely click on.

How do you stay secure or at least drastically reduce the risk? Just follow these three steps. Good luck!

1) Read cybersecurity essentials – a simple list which will help most organizations become far more secure.

2) Go to a phishing simulation vendor now and sign up for one of their offerings. Phishing Box, KnowBe4 and Phish360; are all great. This is needed to train workers by testing them without their knowledge by sending real-looking emails to their inboxes. If they click, they are immediately trained on what not to do.

3) We also recommend you get a free evaluation of your cybersecurity risk from an MSP/MSSP immediately – they can also help you build in the needed compliance to reduce the risk of being fined.