An IT management and software firm was recently the victim of a ransomware attack, which threatens businesses all over the world. Hundreds of businesses, including a railway, pharmacy chain, grocery chain in Sweden, and companies in New Zealand, were directly impacted by the supply-chain attack on the software company, which has been posting alerts on its website since Friday. However, at least 36,000 businesses were indirectly impacted by the attack because the organisation advised all its customers to take their servers offline on Friday and has yet to give them permission to re-enter the network.
According to the Ministry of Education, the effects of a cyber-attack in the United States have reached up to 11 New Zealand schools. Yesterday, the St. Peter’s school network was subjected to a global cyber-attack. We are working to recover data now that the system is stable. As a result, all school systems are currently inactive and will remain so for the next 48 hours.
Due to a global ransomware attack on the software firm, more than 100 kindergartens in the lower North Island are using pen and paper today. The chief executive of a kindergarten organisation stated that all member kindergartens – just over 100 in total – had been advised to turn off their laptops and computers while they investigated whether any data had been accessed.
“Our analysis has shown that 11 schools out of 2400 may have been affected by the ransomware attack,” said a spokesperson. He also added that they are currently working with those schools to provide them with support and will continue to identify if other schools have been impacted.
The attack targets the software company’s product, which allows small and medium-sized businesses to remotely monitor their computer systems and automatically handle routine server maintenance and security updates, among other things.
The government’s Computer Emergency Response Team (CERT NZ) has issued a warning to New Zealand organisations that use the software to manage their IT infrastructure that they may be targeted by a Russian-based ransomware attack. The targeted software company provides IT management software to Managed Service Providers (MSPs) and small to medium-sized businesses (SMBs) in New Zealand, including clients and partners.
Organisations should have multiple layers of preemptive security in place so that if a ransomware attack cannot be stopped, the impact can be mitigated. The incident response manager for CERT NZ also stated that organisations should get ahead by implementing preventive measures and having a plan in place for what to do if they are affected at some point.
OpenGov Asia reported that In New Zealand, more than half of businesses have been successfully targeted by ransomware, with 20% estimating that their company has been targeted by 16 or more ransomware attacks a quarter.
With the risk of attack so high, organisations looking to continue accelerating their growth need to have a proactive plan in place to protect themselves. Cybersecurity measures are necessary, but ransomware attacks frequently bypass them or exploit security vulnerabilities. If this happens, the only alternative is to pay the ransom unless the company has a secure backup system.
Most organisations back up their data for disaster recovery and business continuity purposes. However, data restoration from these legacy systems, on the other hand, can be slow and inconvenient, with no guarantees. If the backup data is likewise corrupted, the company may have no choice but to pay the ransom and assume that the attacker decrypts the data without causing any additional damage.
Those affected had their information encrypted and were usually demanded to pay a fee to have it decrypted. However, CERT NZ strongly discourages people from paying because the perpetrators frequently return for more money or use the obtained information to blackmail people.
Effective ransomware prevention necessitates the use of good monitoring software, frequent file backups, anti-malware software, and user training. Although no cyber-defence can completely eliminate risk, people can greatly reduce the likelihood that attackers will be successful.