One of the most notable ransomware attacks of 2021 happened this week. A hacker group named REvil deployed a successful ransomware attack on Kaseya that resulted in over a million infected systems. REvil is demanding over $70 million to be paid in order for the victims to retrieve their data. The hacker group also successfully extorted $11 million from meat-processor JBS last month.
What happened in the attack?
On July 2nd, 2021, REvil launched a ransomware attack on IT firm Kaseya. REvil is demanding $70 million to be paid in Bitcoin in order to publish a universal decryptor that can unlock all of the infected systems.
The FBI reported that this ransomware attack was a “supply chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple MSPs and their customers”. This allowed hackers to maneuver through several controls and get direct access to Kaseya’s data.
Kaseya has released some early reports since the attack has been made public. Executives at the firm are claiming that only 60 companies and 1,500 downstream businesses were impacted by the ransomware attack. Investigations are still ongoing and it’s likely that more impacted businesses will surface with time.
Since the attack, Kaseya has released some patches to mitigate the risks associated with the ransomware attack. Their SaaS platform is now back online and a portion of their clients are returning back to normal operations.
What can businesses do to protect themselves from ransomware attacks?
There are several proactive measures businesses can take to prevent ransomware attacks from occurring. These include:
Educating employees: Your employees are your first line of defense. If your business has employees that are unable to recognize common cybersecurity instances, you are far more likely to fall victim to a ransomware attack. Taking a simple action like scheduling an annual cybersecurity training lesson can help establish a foundation for your business.
Firewalls: Human error is bound to occur in a business, so setting up a firewall is a great strategy to prevent ransomware from even reaching your employees. Firewalls ensure your business has at least one layer of security before a hacker can reach your employees, network or other sensitive data.
Back up data: Backing up data is always a good cybersecurity practice, but it’s even more crucial in the instance of a ransomware attack. By backing up data, you have the ability to reset your data prior to when the ransomware attack occurred. Without backing up data, you risk the chance of losing your data forever if a ransomware attack occurs.
To learn more about how you can protect your business from ransomware, take a free assessment here.