7th July 2021

Cyber security

Huge cyber attack from REvil - what you need to know

Huge cyber attack what you need to know 450x450

Have you heard about the colossal cyber attack carried out by REvil? The Russia-linked group is one of the most prolific and profitable cyber-crime gangs in the world. It is believed to be one of the largest and most sophisticated ransomware attacks ever - far surpassing their recent hack of global meat processor, JBS, back in June this year.

What are the facts?

Here are the facts you need to know:

  • Hackers launched the attack on Friday 2nd July.
  • It targeted the Miami-based IT supplier, Kaseya.
  • A domino effect spread through corporate networks that use Kaseya’s VSA tool, which saw the ransomware gang encrypt the files of those customers.
  • To date, over one million systems have been infiltrated across 17 countries, namely, the
  • Swedish grocery store, Coop. They've had to shut over half of their 800 stores due to their till systems crashing.
  • REvil has demanded a ransom of $70m in Bitcoin to restore the data.

Why is this cyber attack so damaging?

This is a supply-chain cyber attack. That means that the hackers use a ‘one-point-to-many’ approach. They’ve directly attacked Kaseya (the supplier) and gained indirect access to millions of systems. This is a huge risk for so many companies out there, and one we talk about in our blog: ACCOUNTANTS ARE A PRIME TARGET FOR CYBER ATTACKS – ARE YOU PROTECTED?.

What we’ve done

Over the weekend, the team at Somerbys IT has proactively checked our clients’ systems for any links to the Kaseya VSA tool and can confirm that none of them have any Kaseya software installed.

What you need to do

The events of the weekend are another stark reminder that all businesses are constantly at threat from cyber crime, and the threat of ransomware is higher now than ever before.

According to FBI statistics, there has been a 400% increase in cyber attack complaints since the outset of the COVID-19 pandemic, and ransomware attacks are increasingly targeting SMBs.

We urge you to action these top tips immediately to ensure a base level of cyber security:

⭐ Use strong passwords on your accounts (but don’t use the same password everywhere).

⭐ Where possible, implement 2-factor/multifactor authentication (2FA/MFA).

⭐ Ensure you back up any data and systems critical to your business – at least daily.

⭐ Take a multi-layered approach to cyber security and install suitable solutions for your needs. Antivirus software and a firewall are no longer enough to stay cyber safe

⭐ Make use of email filtering solutions to help filter out spam, phishing emails and malware.

⭐ Ensure your cloud environments are protected too. Did you know that Microsoft does not back up your data? That’s your responsibility.

⭐ Consider cyber awareness training for your staff. Services from KnowBe4, Twist & Shout Communications and Twist & Shout Media offer great training solutions.

We will be proactively reaching out to all our customers to review the current cyber controls that you have in place, and to make any necessary recommendations.

We continually demonstrate our commitment to our own internal and supply-chain security, which is shown with our Cyber Essentials accreditation - a UK government-backed framework supported by the National Cyber Security Centre (NCSC). An obligatory technical audit of systems along with an external vulnerability assessment was necessary to gain this.

If you have any concerns over the level of cyber security that you have in place and would like to talk to one of our team straight away, feel free to give us a call on 0333 456 4431 or email us at info@somerbysit.co.uk.