A cyber-attack that paralyzed US businesses ahead of the July 4 holiday weekend is been examined for possible foreign involvement. The so-called supply chain hack, according to security firm Huntress Labs, was carried out by a Russian group named REvil, which was also implicated for attack on global meat packer JBS.
The hackers, who struck on Independence celebrations weekend in the United States, took control of widely used technology management software from a company named Kaseya. They modified a Kaseya product that is used by organisations that manage technology for small businesses. They then encrypted the files of the consumers of such providers. Kaseya has announced that it was looking into a "possible attack" on its website. It added that the attack was limited to "a very small number of our clients, currently estimated at fewer than 40 worldwide." Huntress Labs, on the other hand, said it was collaborating with partners who had been targeted in the attack, and that the software had been changed to encrypt more than 1,000 firms.
Ransomware attacks normally only affect one organisation at a time, according to Gerome Billois, a cybersecurity specialist with the Wavestone consultancy. "In this case, they attacked a company that provides software for managing data systems, allowing them to simultaneously target several dozen — possibly even hundreds — of companies," he said. Kaseya runs what's called a virtual system administrator, or VSA, that's used to remotely manage and monitor a customer’s network. The hackers targeted this software, which allowed them to target more businesses.
Ransomware is incredibly harmful, despite its simple principle. It's a type of virus that scrambles or deletes all data on a device until a ransom is paid to restore it. According to research, every 14 seconds a new company will be struck by ransomware in 2020. It has the potential to bring networks to a halt and devastate infrastructure. The WannaCry ransomware assault is one of the most well-known examples of ransomware. WannaCry was a computer virus that infected over 230,000 systems in 150 companies in a single day. It encrypts all files it finds on a device and asks customers to pay $300 in bitcoin to get them back.
Businesses may effectively prevent ransomware attacks by being proactive in their security approach and ensuring that strong measures are in place before malware infects their systems. Here are some suggestions for the best ransomware defenses to put in place:
· Usage of strong, reputable endpoint Anti-Virus security
· Email Security, Inside and outside the gateway protection
· Implement web filtering & Isolation technologies
· Providing Security Awareness Training to concerned staff
· Regular data backup and recovery
By following the above steps, you can begin to protect your organization against damaging ransomware attacks as discussed above. But, to have a comprehensive knowledge on how to protect your business, talk to one of our expert consultant. Also, you can request our service catalogue at https://www.cybersecuritylink.com.au/contact-1.
Comments