Hundreds of companies were hit with ransomware.
Unfortunately, there was bad news this weekend regarding computers being infected with ransomware. The same gang who were recently in the headlines for the pipeline and meat production ransomware attacks, have now hit their latest victims.
The most significant ransomware attack the world has seen.
What happened was, a software company called Kaseya got hit. Kaseya provides a tool to IT companies to assist in troubleshooting and providing remote support.
Similar to this, the SolarWinds attack not too long ago, occurred after the attackers managed to release an infected update to the software.
Therefore, all of the IT companies who used the software, and all of their clients are at risk.
What this means, is that thousands of businesses will be scrambling to recover from the attack this week.
Once it was released, the computers affected could be encrypted with a ransomware notice.
Those responsible, cybergang REvil, issued a statement demanding $70 million dollars to release the decryption keys.
They since stated that, “more than a million systems were infected”. If true, this is a previously unheard of reach in a cyber attack.
So far, experts have been estimating the reach of the attack. They have stated that more than 70 managed service providers were impacted.
What we can tell, is that the victims were spread out across the world, most in the US, Germany and Canada. Other locations include Australia and the UK.
Reportedly, the ransom on individual machines is $45,000 per computer (not on domain). However, for an entire domain the cost is reportedly $5,000,000 to recover.
Amongst those affected, Swedish supermarket giant Coop had to close 500 of its 800 stores due to cash registers no longer working.
Experts Respond.
In response to this, Adam Meyers, expert in security, recently made a statement.
“What we are looking at is a targeted attack on a service provider. Done to maximize impact and profit through the supply chain, during a holiday weekend when business defences are down. What we are seeing now in terms of victims is likely just the tip of the iceberg.”
Additionally, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued guidance for MSPs and customers affected.
Due to this, and since we are an MSP, we at Total Support Solutions want to ensure that you are protected against every scenario.
Thankfully, we can ensure that neither we nor our clients were infected.
However, we urge everyone to check that you have backups in place for critical systems and that they are tested frequently.
Finally, get in touch with us to discuss any of your backup or security concerns – stay safe!
