One of the biggest data centre providers in the US hit by ransomware attack

CyrusOne, one of the biggest data centre providers in the US, has suffered a ransomware attack, ZDNet has learned.

CyrusOne is currently working with law enforcement and forensics firms to investigate the attack and is also helping customers restore lost data from backups.

The incident took place yesterday and was caused by a version of the REvil (Sodinokibi) ransomware.

This is the same ransomware family that hit several managed service providers in June, over 20 Texas local governments in early August, and 400+ US dentist offices in late August.

You can read the full story here: https://www.zdnet.com/article/ransomware-attack-hits-major-us-data-center-provider/

Saryu Nayyar, CEO of Gurucul, comments:

“The specifics of this attack are still not entirely clear, so the lessons learned are still to be identified. However, the majority of ransomware attacks are the result of well-known, preventable vulnerabilities. Known vulnerabilities are an easy path for an intruder to take to get into an organisation. But it’s apparent that many organisations still aren’t minding the cybersecurity basics and that’s why ransomware attacks continue to be launched – and continue to succeed. But good basic security practices can mitigate against ransomware and limit the impact of these attacks.

There are steps that organisations can take to protect themselves against ransomware, such as adopting a zero trust security method, having a regular backup routine, and implementing an established process for patching against known security vulnerabilities. The next step is to invest in modern cybersecurity solutions with machine learning algorithms that can identify anomalous behaviours in real-time, before an attacker can strike.”

Article Link: http://digitalforensicsmagazine.com/blogs/?p=2908