Business
Focused
Technology

Ransomware Attacks Aren’t Just for Big Companies

While millions of Americans were celebrating a long Independence Day weekend, something sinister was happening behind the scenes. Considered to be one of the largest ransomware attacks ever, more than 1,000 businesses worldwide were suddenly locked out of their own IT systems with demands to pay up to $5 million each to regain access to their encrypted business data.

According to Quartz, the initial breach occurred at a Florida-based software company called Kaseya on Friday, July 2. This conveniently coincided with Americans winding down their work and starting their long-awaited Fourth of July celebrations.

As families fired up their grills, watched neighborhood parades and chatted with friends, the ransomware attack spread like wildfire from Kaseya to approximately 1000 firms that used their software.  But it didn’t stop there.

The bad actors then encrypted each company’s data and demanded a ransom payment ($50,000 for smaller businesses and $5 million for large companies) in exchange for a data key that would provide access to the company’s own files. Today’s hackers are no longer recreational individuals or small-time troublemakers. They’ve become sophisticated, slick global enterprises that continue to level up their expertise and affiliations.

Strategic and Stealthy

So we’ve already addressed the fact that the hackers chose a long holiday weekend because they knew Americans would be distracted by socializing and relaxing. But we also need to recognize that this wasn’t a sudden attack.

The reality is much more insidious than it being a last-minute, random hack. In most of these massive ransomware attacks, the predators have been quietly crawling around your networks for months, gathering information and exfiltrating your data to another server (typically in another country), preparing for the final attack.

Imagine thieves hiding out in your corporate headquarters, manufacturing plant or warehouse for 120 days without anyone realizing they’re onsite watching every move. Then one day you arrive at work to discover that you’ve been locked out of your building and the thieves have access to everything – you’re at their mercy. Bad actors in the cyber sector are doing the same thing, virtually.

Ongoing Danger

In addition to the obvious frustration of not being able to operate your business during a breach, your company is exposed to a high level of risk that could be devastating. Bad actors can wreak havoc when they have access to financial information, healthcare records, proprietary trade secrets and other critical data.

The early July attack on more than a thousand businesses wasn’t a one-time event. It’s still happening, with hackers throughout the world quietly engaged in various stages of infiltration, encryption and lock-out. Even worse, their work is becoming increasingly automated, which elevates their ability to carry out a larger number of – and increasingly sophisticated – ransomware attacks.

The risk is real. Even for business-savvy professionals.

But we’re just getting started! Don’t miss Part 2 of our cybersecurity awareness, assessment and risk reduction report coming Thursday.


Article by Don Dawson, President

President, Transportation Company

Your technical support team has always been able to handle our needs quickly, efficiently, and patiently. We appreciate your timeliness and the hours you have saved us. It is great to know that we have people at IT360 capable to provide solutions to our problems.

President, Transportation Company

Recent
Technology News

IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more
IT 360 News
Hyper-Personalized Phishing Attacks on the Rise

Phishing attacks are flooding in like never before and becoming more sophisticated. In 2023, there was a 47.2% increase in phishing attacks compared to the previous years. The attacks are also spreading beyond emails to text messages, phone calls, and other forms of personal communication. AI TOOLS The rise in attacks is attributed to the […]

Read more