Atlantans have felt the sting of 2021 cyber attacks in the first half of this year. Before we recover from one, another attack is announced. Unfortunately, cybersecurity experts claim conditions will only worsen as we share more and more information online.
The Biggest 2021 Threat So Far…
There is no question cybersecurity will continue threaten Atlantans both personally and professionally in the coming years. Most phishing attacks start with an employee’s cell phone, social media account, or personal/professional email accounts. The company is affected if an employee is on a corporate device, or connected to the corporate network infrastructure, and clicks on a link infected with malware. After that, its game over. Now, someone is lurking on your network or you get hit with Ransomware. As a result, your corporate information, employee information, and client information is on the dark web.
The Most Significant 2021 Cyber Attacks Affecting Atlantans
Let’s take a stroll down memory lane and see the most significant cyber attacks affecting Atlantans in 2021.
Colonial Pipeline ($4.4 Million Paid)
Affected Party – Southeast Gasoline Consumers
In May, Colonial Pipeline announced they were the victim of one of the most significant infrastructure ransomware attacks in history. Within a minute, all pipeline productions stopped, and gas prices spiked across the Southeast. What happened? Colonial Pipeline did not use multifactor authentication, and hackers gained easy access with a users compromised username and VPN password.
JBS ($11 Million Paid)
Affected Party – Meat Consumers
On May 30, 2021, JBS S.A. suffered a ransomware cyberattack that shut down meat production across the United States, Canada, and Australia. Upon investigation, it was determined the Russia-Linked cybercriminal group REvil was behind the attack. Fortunately, JBS fully recover after paying $11 Million and relied on their previous investment in cybersecurity protocols, redundant systems and encrypted backup servers.
Microsoft Exchange
Affected Party – Business with Microsoft Exchange Servers
In early March 2021, Microsoft’s discovered over 30,000 Exchange servers were exploited within one week and issued a special zero-day patch. Upon investigation, they found that a Chinese company called Hafnium uncovered a weakness in Microsoft Exchange two months prior. Hafnium used “web shells” (small scripts) to gain access to compromised Exchange systems. Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) advised businesses to apply patches or disconnect the Exchange server from the rest of the network altogether.
Kaseya (Unknown)
Affected Party – MSP’s who use Kaseya and their clients
In early July, Kaseya, an IT solutions developer for Managed Service Provider’s (MSPs), discovered they were hacked. To add insult to injury, they also found the hack caused a supply chain breach that tricked down to 40 of their MSP clients and approximately 800-1500 of the MSPs customers.
At this time, they believe the Russia-Linked cybercriminal group, REvil, bypassed a vulnerability in the Kaseya VSA web interface and circumvented authentication controls, gained an authenticated session, uploaded a malicious payload, and executed commands via SQL injection. REvil demanded $70 million, but the group disappeared before anyone could pay it. Today, July 22nd, Kaseya released a universal decrypted key to restoring files from a third party. It’s not known if Kaseya paid for it or who owns the third party.
Reproductive Biology Associates (Unknown)
Affected – 38,000 Atlanta Metro Patients
Approximately 38,000 patients of Reproductive Biology Associates in Atlanta and their affiliate My Egg Bank North America had their embryology data compromised on April 7, 2021. The files contained full names, addresses, Social Security numbers, laboratory test results, and human tissue information. It is unknown at this time the source of the RBA ransomware attack or if they paid the ransom.
Summary
There is no question cybersecurity will continue to threaten Atlantans both personally and professionally in the coming years. That’s why Atlanta companies need an IT partner who provides both IT support and cybersecurity in a holistic approach. INSI’s holistic IT approach includes IT support, onsite preventive maintenance, network and desktop monitoring, and advice & solutions on the cybersecurity risk that impacts you the most.
INSI – The Top Atlanta GA Cybersecurity Advisors
For more information about cybersecurity preventative measures for your company, connect with the top MSP in Atlanta, Contact INSI: 770-387-2424, option 2. In addition, we offer 16 different cybersecurity programs to protect you and your data.
About the Author
Deborah Frazier is the author of IT Outsourcing Secrets – A Small Business Guide to Compare IT Support Companies. Moreover, with 20-years’ experience consulting small and medium-sized businesses on their IT support needs, she brings a wealth of knowledge to INSI as Head of Marketing and Sales. Therefore, if you like this article and would like to get notified when a new article is posted, click here
