An example of effective incident response. Have you practised yours recently?…:
Frankfurt, one of the largest financial hubs in the world and the home of the European Central Bank, has shut down its IT network this week following an infection with the Emotet malware.
Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet.
The other three are (1) the Justus Liebig University (JLU) in Gießen, a town north of Frankfurt; (2) Bad Homburg, another city north of Frankfurt; and (3) the Catholic University in Freiburg, a city in southwest Germany, near the French border.
Emotet is a malware operation that infects systems, and then makes money by renting access to infected hosts to other malware groups — including ransomware operators.
All of the above organizations have shut down their network to remove Emotet as quickly as possible and prevent any future ransomware attacks.
That is why you are seeing pre-emptive shutdowns in Germany. They’re detecting and taking action before escalation, which is good.
Emotet aren’t just targeting Germany. The campaigns are wide. Expect to see incidents over coming weeks as attackers will be inside networks.
— Department of Wakanda Trade (@GossiTheDog) December 19, 2019