Ransomware Attacks Aren’t Just for Big Companies

While millions of Americans were celebrating a long Independence Day weekend, something sinister was happening behind the scenes. Considered to be one of the largest ransomware attacks ever, more than 1,000 businesses worldwide were suddenly locked out of their own IT systems with demands to pay up to $5 million each to regain access to their encrypted business data.

According to Quartz, the initial breach occurred at a Florida-based software company called Kaseya on Friday, July 2. This conveniently coincided with Americans winding down their work and starting their long-awaited Fourth of July celebrations.

As families fired up their grills, watched neighborhood parades and chatted with friends, the ransomware attack spread like wildfire from Kaseya to approximately 1000 firms that used their software.  But it didn’t stop there.

The bad actors then encrypted each company’s data and demanded a ransom payment ($50,000 for smaller businesses and $5 million for large companies) in exchange for a data key that would provide access to the company’s own files. Today’s hackers are no longer recreational individuals or small-time troublemakers. They’ve become sophisticated, slick global enterprises that continue to level up their expertise and affiliations.

Strategic and Stealthy

So we’ve already addressed the fact that the hackers chose a long holiday weekend because they knew Americans would be distracted by socializing and relaxing. But we also need to recognize that this wasn’t a sudden attack.

The reality is much more insidious than it being a last-minute, random hack. In most of these massive ransomware attacks, the predators have been quietly crawling around your networks for months, gathering information and exfiltrating your data to another server (typically in another country), preparing for the final attack.

Imagine thieves hiding out in your corporate headquarters, manufacturing plant or warehouse for 120 days without anyone realizing they’re onsite watching every move. Then one day you arrive at work to discover that you’ve been locked out of your building and the thieves have access to everything – you’re at their mercy. Bad actors in the cyber sector are doing the same thing, virtually.

Ongoing Danger

In addition to the obvious frustration of not being able to operate your business during a breach, your company is exposed to a high level of risk that could be devastating. Bad actors can wreak havoc when they have access to financial information, healthcare records, proprietary trade secrets and other critical data.

The early July attack on more than a thousand businesses wasn’t a one-time event. It’s still happening, with hackers throughout the world quietly engaged in various stages of infiltration, encryption and lock-out. Even worse, their work is becoming increasingly automated, which elevates their ability to carry out a larger number of – and increasingly sophisticated – ransomware attacks.

The risk is real. Even for business-savvy professionals.

But we’re just getting started! Don’t miss Part 2 of our cybersecurity awareness, assessment and risk reduction report coming Thursday.


Article by Don Dawson, President

Principal Owner, Marketing Firm

Bringing IT360 on as our technology services “department” was one of the smartest business decisions we’ve made. Over the years, we’ve tried various similar services and have also hired internal IT staff, and we’ve never felt confident that we were adequately supported. IT360 has changed all that. They not only provide proactive, comprehensive technical support and consulting, they engage with us in a way that feels like they are part of our company…a true business partner.

Principal Owner, Marketing Firm

Recent
Technology News

IT360 News
Choosing a Cybersecurity Approach

In the first part of this series released on Tuesday, we set the stage for present-day ransomware attacks. These professional enterprises have developed (and continue to improve upon) automated technology that increases their reach and depth of attacks. Businesses can no longer take a wait-and-see approach or keep kicking the cybersecurity can down the road. […]

Read more
IT360 News
Ransomware Attacks Aren’t Just for Big Companies

While millions of Americans were celebrating a long Independence Day weekend, something sinister was happening behind the scenes. Considered to be one of the largest ransomware attacks ever, more than 1,000 businesses worldwide were suddenly locked out of their own IT systems with demands to pay up to $5 million each to regain access to […]

Read more