As most of us enjoyed our 4th of July weekend, the IT industry was rocked by a sophisticated cyberattack. On Friday, a Russian based hacker group, REvil, exploited a popular IT management program to infect businesses throughout the world with ransomware. The Kaseya VSA tool, that was exploited, is used by IT Managed Service Providers (MSP’s) and large companies to manage and automate their systems. The FBI, Kaseya, security teams and IT providers around the world spent their weekend, including sleepless nights, working to control and remediate the situation. Over 60 MSP’s systems were exploited, impacting nearly 1,500 businesses around the world, particularly in the United States and Germany. Files on the victims’ systems were encrypted with ransomware. The hackers are asking $70 million decrypt all their victims’ computers, with individual ransoms ranging from $43,000 to $5 million.
This incident is just one of ever-increasing threats businesses around the world face every day. We have heard about recent attacks against large companies with exorbitant ransoms like; Colonial Pipeline ($5 million), and meat processing and packing supplier JBS ($11 million). Everyday small businesses are impacted by these ever-evolving attacks. In the past most attacks resulted in a businesses files being encrypted. In most cases now the cybercriminals are extracting the victims data before encrypting it. They then attempt to extort the business into paying ransom twice; once to decrypt their data, and a second time upon threat of releasing the data on the web. For businesses with client financial or health records, this can be absolutely devastating.
We have also seen an increase in smaller yet complex email scams. Posing as the owner (or part of the management team) criminals are sending emails to key staff requesting gift cards be purchased and the codes emailed to them. We have seen these emails directed to the accounting staff with details including knowledge of the supposed senders schedule. Frequently these are sent with phrases like, ”I am in a meeting and can not be disturbed, but I need this done ASAP”, or “I am out of town right now and not available by phone”.
Whether you realize it or not, your business is at war against these attackers. It is not a matter of if your business will be attacked, but when. All business owners and management teams should constantly be re-assessing the security of their systems and the tools they are using for protection. Relying on protection built into your operating system is not enough. A layered approach to security is required.
Waiting to address your security until after your systems have been impacted is far too late. 60% of small businesses that are hacked or a victim of a data breach close within 6 months. Your IT security is not something that you can put off for another day.
A few points to consider:
- How would your business continue to function if you were unable to access your computers for days or weeks?
- Does your business have the protection that is needed to keep your systems safe? Antivirus/Spam Filtering
- Do you have multiple layers of security?
- Does your business have strong password policies?
- Do you have reliable off-site backups?
- Does your business have a true firewall?
- Does your business have Cyber-Insurance?
- Is your staff trained on what is acceptable to install on company computers?
- Is your staff trained on what to watch for in email?
Infinite Solutions has been providing businesses in Southern Utah with security, computer, network support and IT solutions for over 23 years. We take our internal security and the security of our clients extremely seriously. If you feel your business may be at risk please call us for an evaluation of your systems.