On Friday, July 2nd, the networks of at least 200 U.S. companies were paralyzed by a ransomware attack. While the U.S. was heavily impacted, it is reported that at least 17 other countries were compromised by the attacks, mostly through firms that handle IT infrastructure for numerous customers. The timing of this attack appears to be predetermined, considering that IT staffing is reported to be thinner around the weekend of July 4th. Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft, said that he has no prior recollection of a supply-chain ransomware attack of this magnitude.
REvil, a Russian ransomware group claimed responsibility for this series of breaches, and they did this off the heels of another attack where they extorted $11 million from JBS, the world’s largest meat processor, after halting a fifth of U.S. beef production.
This most recent attack stemmed from REvil breaching Kaseya, which is a Miami-based IT firm. Breaching Kaseya allowed them to gain access to their clients’ systems. By the time the dust settled, it was reported that about 50 direct customers of Kaseya were impacted. Also, between 800-1,500 downstream business were affected worldwide as a result.
Ransomware has become a lucrative industry for hackers, but it has also increased the personal and financial risk of companies from a security standpoint. There are a few reasons that many experts believe are contributing to this growth of ransomware attacks. For starters, the wave of cryptocurrency has made making payments to hackers much more efficient. Because of the nature of cryptocurrency and how difficult it is to trace, the hackers can easily receive lucrative ransoms without it ever being traced in some cases.
Along with the improved efficiency of payments being made, another contributing factor to the spike in ransomware cases is the role that foreign governments play. They have begun to recognize the added value that can come from allowing hackers to do their business in the confines of their country’s borders. There have been cases of hackers paying some sort of bribe to government officials with the caveat that they will only target victims outside of the country. An example of this is Russia, who believes that these ransomware specialists can help advance their foreign policy goals by interfering with adversaries.
So, what can be done? From a macro point of view, the current administration has worked towards establishing stricter laws that will keep hackers at bay and mitigate the risk of future attacks. Outside of this, there are things that every individual company can do in order to further protect themselves from any damage.
This is where Stratix Systems can be of use. A strong cybersecurity protection program is the first and last line of defense between your company and ransomware attacks like the Kaseya breach. Stratix Systems delivers a full suite of effective cybersecurity and compliance services. This includes multi-layer protection to prevent cyber threats from damaging your network, applications, data, and confidential information.
Cybersecurity is an issue that continues to plague our world. Make sure you take the correct steps to assure your company’s safety.