About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.
Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.
Kaseya said in a statement on its own website that it was investigating a "potential attack".
Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.
The US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack.
The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.
The two big things that are keeping cyber-security professionals up at night lately are ransomware attacks and supply chain attacks. This latest incident combines both nightmares into one big Independence Holiday weekend-ruining event for hundreds of US IT teams.
Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless, but it can take a lot of time and effort on the criminals' part to successfully hijack one victim's computer system.
(Score: 2) by RS3 on Saturday July 03 2021, @06:38PM (1 child)
Absolutely agree, all true. As too often with these kinds of stories, I don't know the specific details. It would be much more useful reporting if they'd tell us so that everyone can learn.
I do know a company that lost pretty much all of their data, documents, etc., to ransomware that came through an email attachment (phishing attack). Like too many (most) people they use a browser to open webmail, or Outlook or some such that will run html and javascript, and then you're done, no inherent / OS vulnerabilities necessary.
They had no IT staff (tiny company) nor outside help, so they're just doing what most people do: using the computers the best they can. Someone had set up shared drives, so the ransomware had access to everything.
If they ran Outlook / browser in a very tightly walled container, it might have been averted, but that's quite a lot more time and effort for very busy office workers who are constantly working email, various customer / sales / inventory / shipping / etc. databases, and would be overwhelmed with the container layer, getting data in and out, saving legitimate attachments, etc. I know it can be set up to be safer, and obviously needs to be.
Every now and then I get an email that's blank in my email client. My client will display the raw html code, but not render it, and certainly not run javascript. The blank ones are entirely javascript (recent ones coming from a temp / job agency).
(Score: 2) by digitalaudiorock on Sunday July 04 2021, @01:15PM
I currently use Thunderbird under Gentoo for email, but only because I need to use it for work emails, where I need to be able to reply to everyone else's bullshit html emails. If it were just for my personal email, I'd be using something like claws mail with no html at all. Those God-awful html emails are another travesty started by MS. Hate it to this day. I'd kill to have all email go back to plain text, possibly with file attachments.