| As some of you may be aware, there was a serious supply-chain attack on July 2nd that targeted IT service providers. You can read more about it here. What makes this type of attack so scary is that it not only hit IT vendors with ransomware but also every client the IT vendor manages. To make matters worse, the IT vendor could do nothing to prevent it from happening.
We want our clients to know that we do not use the software tools that were part of this attack and we are therefore not a victim. However, we also want our clients to understand what we are doing in response as well as what you need to be aware of.
First, criminals are great at not letting a crisis go to waste. There are criminals sending out phishing emails and even making phone calls targeting businesses pretending to be Kaseya, or an IT vendor that is there to help them. Obviously, they are not trying to help but trying to attack you.
Please ensure your staff are super diligent about suspicious emails or phone calls. Never let anyone remotely connect to any device unless you know them and are expecting them to connect. WE WILL NEVER EMAIL YOU AND ASK YOU TO DOWNLOAD AND RUN AN APP ON YOUR DEVICE. If you want to verify that you are speaking with one of our team members over email, do not hesitate to call our office at 704-980-8271.
Also, train your staff to say something if they see something suspicious. They should report anything suspicious to management and then have management reach out to us so we can investigate the suspicious activity.
Internally, we are evaluating our tools, processes, and protocols to ensure we are doing everything possible to limit our exposure to such attacks. We are continuously monitoring this situation for updates as to what happened and how we can better protect ourselves and our clients.
Cybersecurity is everyone’s responsibility. Together, we can make a difference and reduce the risk and impact of these increasing attacks. Ransomware attacks are running rampant, but an ounce of prevention goes a long way in reducing the likelihood and impact of a cyber-attack on your organization.
If you have any comments, questions, or concerns, please do not hesitate to reach out to me personally. If you want to know more about defending against ransomware, I will be speaking at a free virtual summit later this month. Sign up to attend for free and share this will as many others as you can.
All it takes for evil to win is for good people to do nothing. We are engaged in a cyber war. We will not waiver in our diligence to protect our clients. We hope that you will join in the fight by creating a culture of cybersecurity awareness within your organization. There are plenty of resources available to you. We are here to help.
Sincerely, David Sims david@securityfirstit.com
| 
