{"id":55699,"date":"2021-07-26T08:03:57","date_gmt":"2021-07-26T12:03:57","guid":{"rendered":"https:\/\/insi.net\/?p=55699"},"modified":"2021-07-26T08:03:57","modified_gmt":"2021-07-26T12:03:57","slug":"top-5-cyber-attacks-2021","status":"publish","type":"post","link":"https:\/\/insi.net\/insi-articles\/top-5-cyber-attacks-2021\/","title":{"rendered":"Top Five 2021 Cyber Attacks Affecting Atlantans"},"content":{"rendered":"
[et_pb_section fb_built=”1″ _builder_version=”4.16″ global_colors_info=”{}”][et_pb_row _builder_version=”4.16″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ custom_padding=”|||” global_colors_info=”{}” custom_padding__hover=”|||”][et_pb_text _builder_version=”4.21.0″ background_size=”initial” background_position=”top_left” background_repeat=”repeat” hover_enabled=”0″ global_colors_info=”{}” sticky_enabled=”0″]<\/p>\n
Atlantans have felt the sting of 2021 cyber attacks in the first half of this year. Before we recover from one, another attack is announced. Unfortunately, cybersecurity experts claim conditions will only worsen as we share more and more information online.<\/p>\n
There is no question cybersecurity will continue threaten Atlantans both personally and professionally in the coming years. Most phishing attacks start with an employee\u2019s cell phone, social media account, or personal\/professional email accounts. The company is affected if an employee is on a corporate device, or connected to the corporate network infrastructure, and clicks on a link infected with malware. After that, its game over. Now, someone is lurking on your network or you get hit with Ransomware. As a result, your corporate information, employee information, and client information is on the dark web.<\/p>\n
Let\u2019s take a stroll down memory lane and see the most significant cyber attacks affecting Atlantans in 2021.<\/p>\n
In May, Colonial Pipeline announced they were the victim of one of the most significant infrastructure ransomware<\/a> attacks in history. Within a minute, all pipeline productions stopped, and gas prices spiked across the Southeast. What happened? Colonial Pipeline did not use multifactor authentication, and hackers gained easy access with a users compromised username and VPN password.<\/p>\n On May 30, 2021, JBS S.A. suffered a ransomware<\/a> cyberattack that shut down meat production across the United States, Canada, and Australia. Upon investigation, it was determined the Russia-Linked cybercriminal group REvil was behind the attack. Fortunately, JBS fully recover after paying $11 Million and relied on their previous investment in cybersecurity protocols, redundant systems and encrypted backup servers.<\/p>\n In early March 2021, Microsoft\u2019s discovered over 30,000 Exchange servers were exploited within one week and issued a special zero-day patch. Upon investigation, they found that a Chinese company called Hafnium uncovered a weakness in Microsoft Exchange two months prior. Hafnium used \u201cweb shells\u201d (small scripts) to gain access to compromised Exchange systems. Homeland Security\u2019s Cybersecurity and Infrastructure Security Agency (CISA) advised businesses to apply patches or disconnect the Exchange server from the rest of the network altogether.<\/p>\n In early July, Kaseya, an IT solutions developer for Managed Service Provider\u2019s (MSPs), discovered they were hacked. To add insult to injury, they also found the hack caused a supply chain breach<\/a> that tricked down to 40 of their MSP clients and approximately 800-1500 of the MSPs customers.<\/p>\n At this time, they believe the Russia-Linked cybercriminal group, REvil, bypassed a vulnerability in the Kaseya VSA web interface and circumvented authentication controls, gained an authenticated session, uploaded a malicious payload, and executed commands via SQL injection. REvil demanded $70 million, but the group disappeared before anyone could pay it. Today, July 22nd, Kaseya released a universal decrypted key to restoring files from a third party. It\u2019s not known if Kaseya paid for it or who owns the third party.<\/p>\n Approximately 38,000 patients of Reproductive Biology Associates in Atlanta and their affiliate My Egg Bank North America had their embryology data compromised on April 7, 2021. The files contained full names, addresses, Social Security numbers, laboratory test results, and human tissue information. It is unknown at this time the source of the RBA ransomware<\/a> attack or if they paid the ransom.<\/p>\n There is no question cybersecurity will continue to threaten Atlantans both personally and professionally in the coming years. That\u2019s why Atlanta companies need an IT partner who provides both IT support and cybersecurity in a holistic approach. INSI\u2019s holistic IT approach includes IT support<\/a>, onsite preventive maintenance<\/a>, network and desktop monitoring<\/a>, and advice & solutions on the cybersecurity<\/a> risk that impacts you the most.<\/p>\n For more information about cybersecurity preventative measures for your company, connect with the top MSP in Atlanta, Contact INSI: 770-387-2424, option 2. In addition, we offer 16 different cybersecurity programs to protect you and your data.<\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][et_pb_button button_text=”Connect With INSI” _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][\/et_pb_button][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][et_pb_column type=”4_4″ _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”][et_pb_text _builder_version=”4.16″ _module_preset=”default” global_colors_info=”{}”]<\/p>\nJBS ($11 Million Paid)
Affected Party \u2013 Meat Consumers<\/h3>\nMicrosoft Exchange
Affected Party \u2013 Business with Microsoft Exchange Servers<\/h3>\nKaseya (Unknown)
Affected Party \u2013 MSP\u2019s who use Kaseya and their clients<\/h3>\nReproductive Biology Associates (Unknown)
Affected \u2013 38,000 Atlanta Metro Patients<\/h3>\nSummary<\/h2>\n
INSI \u2013 The Top Atlanta GA Cybersecurity Advisors<\/h3>\n
About the Author<\/strong><\/h3>\n