When CentaurWipe infected hundreds of companies in December 2016, IT departments were left flat-footed. Named for its dual attack of locking down devices while systematically erasing files, CentaurWipe was finally contained after an emergency patch was deployed.
It shouldn’t. It never happened.
But in a recent survey of 510 IT decision-makers, more than 85 percent thought CentaurWipe was a real cyberattack when we asked them to pick the fake among a list of real attacks. More respondents picked WannaCry as the fake cyberattack than CentaurWipe.
What’s going on here? Are there just so many cyberattacks that it’s hard to remember all the names?
Or is there a lack of awareness that could be putting organizations in jeopardy?
Which cyberattack isn’t real?
We posed this simple question to CSOs, CIOs, CTOs, CISOs, IT VPs, Heads, Directors, and Managers, Information Systems Security Engineers, Cyber Security Directors and Managers:
Which of the following is not a named or known cyberattack?
Any surprises for you in that list? There were for the respondents.
Only 15 percent of respondents correctly chose CentaurWipe as the phony attack. Just two out of the six real cyberattacks received more votes than that.
A quarter of respondents – 25 percent – chose POODLE. That’s short for Padding Oracle on Downgraded Legacy Encryption. Granted, POODLE may seem like it happened forever ago (it first appeared in 2014) but this “man-in-the-middle” attack fooled a good portion of respondents.
Close behind CentaurWipe, 14 percent chose NotPetya, while 13 percent chose Goldeneye.
The two most recognized cyberattacks on the list were Petya, chosen by just 10 percent of respondents as the fake, and Heartbleed, which 8 percent thought wasn’t real. It should be heartening that these two didn’t get past many surveyed participants.
What does this say about security awareness?
The shocking thing about these results is that CentaurWipe wasn’t the overwhelming choice. What can we attribute this to?
For one, some strains of malware have multiple names. Depending on who you ask, Petya, NotPetya and Goldeneye might all refer to the same June 2017 ransomware attack. In these cases, it can get confusing for those trying to stay on top of the ever-growing list of cyber threats – they might know the attack by one name but not another.
The term “cyberattack” is also up to interpretation. For example, POODLE isn’t actually an attack, but a vulnerability that could be exploited.
There’s also the sheer quantity of attacks – thousands of new ones appear every year, and organizations tending to their security are left untouched by the vast majority.
Or maybe, and this is more concerning, it’s just a true lack of awareness.
Knowing what malware does, what it targets, and how to stop it can help you keep your systems safe. How do you know you’re immune to a threat you aren’t aware of?
Armed with knowledge, you can stay safe and prepare for whatever hackers conjure up next. But also make sure you’re covering the security basics.