A Global small business cybersecurity issue involving a managed IT Support software vendor occurred recently. The Kaseya ransomware attack covered the world just before the 4th of July. Why so widespread? Because the damage from the recent attack has spread from company to company like a chain reaction, from one international partner to another.
The attack involving Kaseya, one of the largest IT software IT resource and monitoring providers was very effective and focused on the software used to remotely manage computers. At first, there were reports of about roughly 40 businesses suffering. However, as the chain of attacks spread, as many as 1,000 companies have found themselves in a difficult situation.
Who Did It
Investigations were launched to determine responsibility for the global hack, and A Group known as, REvil, is the primary suspect for the largest known cyberattack to date on small businesses. Several months before, in the spring of 2021, they hacked JBS, a meat processing company.
Other experts are blaming Russia for these incidents, as studies say that most such attacks may have been performed by hackers geo located in that country throughout recent years. REvil is reported to work from there as well.
Attacks have become more frequent and sophisticated leaving us to wonder if they will ever stop.
It’s said that the ransomware was used to steal important data before locking the owners out of their systems. And the attack itself was very accurate since it was aimed at a company that works with and provides software for many managed IT Services companies that in turn work with both large and small businesses. The result has been catastrophic.
What They Want
There are two ransom notes demanding, you guessed it, money from large and small businesses for access to their databases:
- $50,000 from every small business affected;
- $5 million from every large company affected.
Researchers say this is the largest known attack, considering the number of companies suffering from it. The only comparison is the WannaCry hacking back in 2017. That time, it was linked to North Korea. But this time, things are different.
What the Consequences Are
Online stores are closed, small businesses are panicking. The financial losses are huge, but the CEO of Kaseya states that the vulnerability was found and the best specialists are working on fixing it at the moment.
Tensions between the USA and Russia are increasing as well, and the timing is poor considering that just recently, President Biden and Russian President Vladimir Putin met in Geneva. During that meeting, there was a conversation about Russian cyberattacks and how the US is going to hold these rogue countries accountable for each offense.
Hopefully, the issue will be resolved soon, and most businesses will not have to pay large sums of money to regain access to their data.
So, the subject on the importance of business cybersecurity remains open with every large attack like this one. No matter how hard companies try to preserve their security there’s always a group of bad actors that succeed in breaking the barriers.
Will this ever stop and if so when? We don’t think they will stop anytime soon. That’s why it’s so crucial to update your network infrastructure, security software and operating systems no matter how great you believe they are . It’s more difficult to hack something that is constantly changing, improving, and evolving.