Late on the night of July fourth, hackers exploited hundreds of companies worldwide. Now that group of hackers, linked to Russian cybercrime gang REvil, are demanding $70 million in exchange for release of the data.
The hacking incident started at Kaseya, a Miami-based information technology firm, and then spread to their clients and even their clients’ clients. The resulting chain reaction shut down computers at hundreds of companies around the world, in at least a dozen different countries. Even the public domain was affected, such as when Swedish Coop grocery chain were forced to close their stores because their cash registers were taken offline.
Other organizations impacted include schools, travel and leisure organizations, credit unions, accountants, and small public-sector bodies. Analysts are still working to measure the true impact of the situation.
The important thing to note regarding this attack is that only one firm was technically invaded, but the ransomware infection quickly spread to multiple other affiliated businesses. If anyone affiliated with a business becomes infected, the potential exists for an attack to spread.
Allan Liska, of cybersecurity firm Recorded Future, said that he believes REvil might have bitten off more than they can chew this time. “For all of their big talk on their blog, I think this got way out of hand,” he said.
Out of hand or not, the $70 million ransom demand looms large. Paying the ransom often encourages more attacks, but companies might lose significant data if they don’t.
The best course of action is prevention, and secure, regular backing up of data. To learn more about protecting your data and preventing ransomware attacks, give us a call at 888-RING-MY-TECH. We’ll help you determine if any potential entry points exist within your system, and tighten up security.