Once again, a major ransomware attack has affected businesses and consumers across the globe. Kaseya, a software company that provides IT infrastructure for managed service providers, was the victim of this latest cyberattack. Over the 2021 Independence Day weekend, REvil, a Russian-based hacker gang sent out a malicious software update to Kaseya’s clients, resulting in up to 1,500 small businesses being compromised[1]. Now, the group is asking for USD 50 million to undo the damage, the largest ransomware demand in history[2].
While the effects on some compromised businesses were minor, others were hit hard. For example, hundreds of grocery stores in Sweden were forced to close after their cash registers became inoperable following the attack, with railways and pharmacies in the country also being affected[3]. Additionally, some New Zealand schools were taken offline because of the attack[4]. This worldwide attack shows how crippling ransomware attacks can be, and highlights the importance of businesses protecting and securing their data.
The History of REvil
REvil, short for Ransomware Evil, is a Russian-based group of cybercriminals that attacks businesses by encrypting their data and rendering it unusable until a ransom is paid to them. Founded in 2019, REvil quickly gained prominence and, recently, has increased the scale of its attacks. While the average ransom demand from REvil was just USD 728,000[5], recent attacks have shown the group’s willingness to aim for more. For example, REvil attacked JBS, a meat processing company, in May. While food shortages were avoided, the company still paid REvil USD 11 million to prevent further supply chain interruptions[6]. Even worse, REvil uses its ransom money to hire new hackers and research new ransomware technology, becoming a thriving business of cybercrime[5]. In just two years, REvil has become a powerful group, launching successful ransomware attacks across the globe.
A Troubling Trend
Unfortunately, the Kaseya attack is just one example of a larger problem faced by businesses around the globe. Hacker groups seek to attack and exploit any business they can by threatening to destroy or leak data unless a massive payment is made. Much worse than simple computer viruses, ransomware attacks can grind business to a halt within hours.
Cyberattacks involving ransomware have increased further in 2021, with recent attacks affecting people and businesses around the globe. In May, an attack on the Colonial Pipeline affected millions of Americans, causing fuel shortages in the Southeast. Even though Colonial Pipeline paid the ransom within hours of the attack, the effect was still felt by millions.
The Colonial Pipeline attack was just one of the thousands of expected ransomware attacks in 2021[7], and, unfortunately, they show no sign of slowing down. As long as hackers continue to find vulnerabilities in business security, ransomware attacks will continue. With more and more work being done online, data becomes more and more vulnerable. Ransomware attackers can strike at any time, destroying a business’s ability to function. And even if a business pays the ransom, it can take a long period of time to get back to normal.
So while ransomware prevention can be a headache, it helps make sure you are as protected as possible from attackers. After all, there is nothing hackers love more than a business with lax cybersecurity.
Tips to Prevent Ransomware Attacks
Create and Frequently Update Offline Backups of Data: While this is a time-consuming process, this is the best way to ensure your business can still function if a ransomware attack occurs. Backing up your data offline ensures that if you are affected by ransomware, your important data will be safe from hackers. Simply delete your affected systems and reupload your offline data onto a new system.
Consider Using White Hat Hackers: While hackers have a negative connotation, white hat hackers can help businesses tremendously. They ethically check and test your cybersecurity measures and inform you of any potential vulnerabilities. Once you know the issues, you can fix them and protect your business from the hackers who wish to hurt rather than help.
Update your Antivirus Software: This is the simplest, easiest way to make sure you and your business are protected from ransomware attacks. Each update of antivirus software helps patch vulnerabilities that are present. Staying up-to-date helps ensure you are as protected as possible from unethical hackers who check for holes in security. If your business is on an older version of antivirus software, hackers can find a way past the protection and hold your business hostage. Patching these holes through software updates keeps you safe from old security bugs that attackers often exploit.
The Future of Ransomware
As technology evolves further, unfortunately, so do the practices of unethical hackers. Every day, businesses and individuals put data at risk of cyberattacks. While businesses and antivirus softwares try to ensure every security vulnerability is patched, hackers may still find a way to attack. However, following the tips mentioned before and safeguarding your data can make you less likely to become a victim of a ransomware attack.
Unfortunately, if attackers obtain data and threaten to sell or leak it unless a ransom is paid, a business has few options other than paying the ransom or losing the data. Once attackers have access to the data, there is not much a business can do. This is why the best defense against ransomware is prevention. Taking the time to secure your data, update your software, and find vulnerabilities will increase your protection from cybercriminals who wish to wreak havoc on a business.
Securing Your Data
At AXEL, we believe data privacy is a right. Unlike other tech companies, we will never sell your data to third parties, helping ensure your data is only yours. Our file-sharing application, AXEL Go, uses blockchain technology and AES 256-bit encryption to provide the most secure cloud-sharing system in the industry. Whether for business or personal use, AXEL Go helps protect your most important files.
Sign up today to receive a free 14-day trial of our Premium service with all of AXEL Go’s features unlocked. After the trial period, you can choose to continue your Premium account for just $9.99/month or use our Basic service free of charge. Together, we can help protect data from malicious attackers.
[1] “Up to 1,500 Businesses Compromised by Latest Ransomware Attack, Kaseya CEO Says.” CBS News. July 06, 2021. http://www.cbsnews.com/news/ransomware-attack-kaseya-1500-businesses/.
[2] “In Private Conversation, Hackers behind Massive Ransomware Outbreak Lower Demand to $50 Million.” CNBC. July 05, 2021. http://www.cnbc.com/2021/07/05/revil-hackers-behind-massive-ransomware-outbreak-drop-demand-to-50m.html.
[3] Browning, Kellen. “Hundreds of Businesses, From Sweden to U.S., Affected by Cyberattack.” The New York Times. July 03, 2021. https://www.nytimes.com/2021/07/02/technology/cyberattack-businesses-ransom.html.
[4] Satter, Raphael. “Up to 1,500 Businesses Affected by Ransomware Attack, U.S. Firm’s CEO Says.” Reuters. July 05, 2021. http://www.reuters.com/technology/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021-07-05/
[5] Javers, Eamon. “Axis of REvil: What We Know about the Hacker Collective Taunting Apple.” CNBC. April 23, 2021. https://www.cnbc.com/2021/04/23/axis-of-revil-inside-the-hacker-collective-taunting-apple.html.
[6] Bunge, Jacob. “JBS Paid $11 Million to Resolve Ransomware Attack.” The Wall Street Journal. June 10, 2021. https://www.wsj.com/articles/jbs-paid-11-million-to-resolve-ransomware-attack-11623280781.
[7] Hum, Thomas. “Over 65,000 Ransomware Attacks Expected in 2021: Former Cisco CEO.” Yahoo! Finance. June 14, 2021. https://finance.yahoo.com/news/over-65000-ransomware-attacks-expected-in-2021-former-cisco-ceo-125100793.html.
