How You Can Learn From Oregon’s Jackson County ‘REvil’ Data Breach
If you haven’t heard of REvil, you might be stuck under a rock. The RaaS operation’s full title is Ransomware Evil, and it’s based on the movie “Resident Evil.” Procured in 2019, REvil is still going strong in 2020 and has added stealing data and threatening to sell it on the Dark Web as part of its ongoing campaign of cyber terror. The amount of ransom requested can climb as high as $10,000,000. The developers of the program employ and pay affiliates, other cybercriminals, at 70 to 80% of the illegal proceeds. The job of these affiliates is to penetrate networks and install the malware.
One attack of this type recently occurred in Jackson County, Oregon. The county’s web hosting provider, Managed.com, was infiltrated by REvil, rendering the website unusable for the foreseeable future. Officials were forced to fork out funds to open a new website for timely transactions, such as tax payment, marriage applications, election results, and others.
What Can You Do to Avoid a Ransomware Attack?
Security firms and the FBI are adamant that victims shouldn’t pay the high-priced ransom. This advice is based on the premise that when you pay, it merely encourages more of the same behavior. During 2020, as companies have been hit hard by COVID-19 losses, the ransomware groups are experiencing some loss. It is possible that many organizations have heeded the warnings to do backups often and that the information held for ransom isn’t needed. This could be why the cybercriminals have now doubled their efforts and are threatening data auctions, making the extortion pressure even higher. So, what can you do to avoid being attacked in this way?
- Email gateways should be used to filter out any executable files before they enter the system.
- Incorporate a 3-2-1 data backup. Make three backups: two on different storage types and one off-site. Keep in mind that ransomware can reach any cloud-based files exposed through a drive letter, so it is vital to use different types of storage and to make one of them a disconnected or off-site backup.
- Install patches often, as this cuts back on the likelihood of a data breach or system crashes.
- Remote Desktop Protocol, or RDP, should be disabled so that it cannot be used over the internet.
- Microsoft Office macros should also be disabled for security. Educate employees about the risks of manually enabling macros.
- Controlled folder access will stop executable files from running in local user profile folders.
- Consider hiring a security firm to assist with protecting mission-critical data. It is money well spent as opposed to losing this information.
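
As an added example (not part of the original article), the 3-2-1 item above can be turned into a check over a backup inventory. The `BackupCopy` fields, the `check_321` function and both sample inventories are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class BackupCopy:
    name: str
    storage_type: str           # e.g. "disk", "tape", "cloud"
    offsite: bool = False       # kept at a different physical location
    disconnected: bool = False  # offline, not reachable from production hosts
    drive_letter: str = ""      # set when the copy is mounted as a drive

def check_321(copies):
    """Evaluate a backup inventory against the 3-2-1 rule described above.

    Returns (failures, exposed): rule violations, and the names of copies
    that ransomware on a host could reach through a drive letter.
    """
    failures = []
    if len(copies) < 3:
        failures.append(f"{len(copies)} copies found, 3 required")
    if len({c.storage_type for c in copies}) < 2:
        failures.append("fewer than 2 storage types in use")
    exposed = [c.name for c in copies if c.drive_letter]
    # An off-site or disconnected copy only counts if it is not also mounted.
    isolated = [c for c in copies
                if (c.offsite or c.disconnected) and not c.drive_letter]
    if not isolated:
        failures.append("no off-site or disconnected copy free of a drive letter")
    return failures, exposed

# Constructed inventory: three copies, two storage types, but every copy is
# reachable through a mapped drive, including the cloud sync folder.
WEAK = [
    BackupCopy("nas-primary", "disk", drive_letter="Z:"),
    BackupCopy("nas-secondary", "disk", drive_letter="Y:"),
    BackupCopy("cloud-sync", "cloud", offsite=True, drive_letter="G:"),
]

# Constructed inventory: the cloud copy is written without a drive mapping
# and a tape copy is kept offline and off-site.
HARDENED = [
    BackupCopy("nas-primary", "disk", drive_letter="Z:"),
    BackupCopy("cloud-archive", "cloud", offsite=True),
    BackupCopy("tape-vault", "tape", offsite=True, disconnected=True),
]

if __name__ == "__main__":
    for label, inventory in (("weak", WEAK), ("hardened", HARDENED)):
        failures, exposed = check_321(inventory)
        print(f"{label}: failures={failures} exposed={exposed}")
```

The weak inventory passes the count and storage-type tests yet still fails, because its only off-site copy is mounted with a drive letter.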
Everyone should be concerned about a ransomware data breach. Cybersecurity is a necessity to protect your data from ransom or being sold. SureTec IT offers a full range of reliable managed IT services to maintain a stable IT environment. Our 24/7 support servicing Portland, Oregon, and Dayton, Ohio, ensures your system is running at maximum efficiency at all times! Go to our easy online contact form to schedule a call or meeting to discuss your needs.