ransomware attack on Kaseya VSA

Don’t Panic Over Reports of Another Serious Ransomware Attack – ACT

By | business continuity, Ransomware, thinkCSC Security Alert | No Comments

Just as everyone was getting ready to celebrate Independence Day, a major cyberattack occurred. What made this ransomware attack different from others was that the cybercriminals went after MSPs, via Kaseya VSA – Kaseya’s RMM (remote monitoring and management) tool.  By doing so, the perpetrators gained access to many of Kaseya’s MSP clients as well. More than 17 countries have now been impacted.

thinkCSC does not use Kaseya VSA.  However, this should serve as yet another wake-up call to every business of every size that the risk is real: No one is immune to cybercrime. Another business is compromised every 11 minutes. And most of the time, the attacks are preventable. So instead of panicking, it’s time to take action.

Risk Assessment

If you don’t know where you’re vulnerable, you need to assess your risk. Our team can evaluate your existing security protocols and make suggestions for what needs to change to keep you safe. This is the place to begin, even if you already have an MSP partner, to make sure your data and your customers are protected.

Comprehensive Security

Experts have been predicting for years that cyber warfare is going to be the next global pandemic. We’re already seeing signs of large-scale threats disrupting everything from energy and food to medical care. There is no time to waste, no excuses not to act. If you don’t have comprehensive security in place, you are at risk.

What if…?

Consider what would happen if a data breach occurred at a local bank, an online shopping site, or a social media company. What if the cybercriminals were able to access thousands of usernames and passwords? What if one of these compromised passwords belonged to an employee in your organization? How would that impact your company?

You’re Only as Safe as Your Employees

Can you be sure that an employee has not reused a compromised password somewhere within your network? Do you have a password manager and multi-factor authentication in place? Do your employees know the risks and how to minimize them? If a threat becomes evident, do they act swiftly to minimize that threat by changing passwords and enabling 2FA on all of their accounts?

Employee Awareness Training Turns Your Team into a Strong Layer of Security

How capable are your employees of recognizing phishing emails? Do they know the steps to take if their data has been involved in a breach? Are they reusing the same passwords from their personal accounts on your business network?

In almost all of the major ransomware attacks that occur, there is a missing security element: a piece of software has gone unpatched; a former employee’s access to the network has not been rescinded; an employee is tricked into wiring money to a hacker because of a convincing email. Employee awareness training can help eliminate that risk.

In the time it took you to read this article, another business will experience a ransomware attack. Will yours be next?

We all have an opportunity to use these latest threats as a reminder to shore up our security, both personally and within our organizations. There is no more time to lose. The next ransomware attack is already underway. If you’re not sure where to begin, get in touch with our team to talk about risk assessments, employee awareness training, and comprehensive cybersecurity solutions.

robbinhood ransomware

Municipalities Under Threat from RobbinHood Ransomware

By | BDR, Cybersecurity, Ransomware | No Comments

Baltimore is the latest city government to fall victim to ransomware, for the second time in as many years. The city’s systems have been locked up since May 7 after being attacked by “RobbinHood” ransomware.

While the mayor is refusing to negotiate with the hackers or pay the 13-bitcoin ransom they’ve demanded, many of the city’s networks have been compromised, including police email and board of elections.

What Is RobbinHood Ransomware?

RobbinHood ransomware is a ransomware that targets an entire network and attempts to take over as many systems as possible. Once infected with the ransomware, it demands bitcoin payment in order to release the files. In the case of Baltimore, they’ve requested demanded $17,600 in bitcoin per system — a total of about $76,280, according to Dark Reading.

How Do You Get RobbinHood Ransomware?

Like other ransomware, the RobbinHood hackers gain access to an organization’s network through phishing emails that are deliberately designed to appear legitimate to the recipient of the email. In the case of Robbin Hood, they use several psychological tricks to compel the email recipient to click on the link that begins the encryption process. Prior to the attack on Baltimore, they successfully infiltrated Greenville, North Carolina networks.

Stop Clicking Links and Downloading Files

Email is a convenient method for communicating and has made business operations so much more efficient, but every employee in every organization has an obligation to stop clicking on links and files. If there is any doubt whatsoever about the legitimacy of the email (and even if there is not any doubt) follow up in person or over the phone with the sender to make sure they actually sent the file.

What to Do If You Get Ransomware

If you believe your network has been infected with ransomware, or if you have received a ransom demand, immediately disconnect from the network and call your IT department or managed services provider. In many cases, you can prevent the attack from getting worse by removing access to the network by the infected system.

Don’t Pay the Ransom

Paying the ransom only fuels the motivation of hackers to continue holding businesses hostage. Instead, make sure you have mitigated your risk by having a disaster recovery and data backup plan in place. Regular offsite backups can protect you from needing to pay a ransom to gain access to your network.

If you are concerned about the threat of RobbinHood and other common ransomware threats, contact us to learn more about how you can improve your security and better protect your organization. As you can see, every organization – from schools and hospitals to municipalities and utilities to businesses of every size – are at risk.

At thinkCSC, we take security seriously, offering innovative levels of security monitoring for our clients. Cyber threats are a normal part of doing business, but these risks can, and should, be addressed and abated. Partnering with the right managed services provider does make a difference. Today’s MSP does more than just provide technology and facilitate server upgrades; the right MSP is an integral layer of your cybersecurity, providing the expertise you need to remain competitive, secure, and in business. We can partner with your Columbus-region organization to develop a unique solution designed to fit your business model. Take the first step towards advanced cybersecurity practices and contact us today to learn more about our managed security services.