At this time the Global Resilience Federation, a nonprofit provider and hub for cyber, supply chain, physical and geopolitical threat intelligence exchange between information sharing and analysis, has recommended the following actions to prevent events like this in the future:
Why are western countries the counties hardest hit by ransomware? The hackers know western companies have insurance policies for ransomware demands. On top of that, American companies are often willing to pay the large ransoms in order to regain control of their systems and data. Most ransomware groups are based in countries that do not allow US interference with the groups making it extremely difficult to hold any of the cyber criminals accountable. The rise in cryptocurrency’s popularity also makes it very difficult to trace transactions. This makes having reliable and secure backups and investing in IT systems and cybersecurity the only ways to stop these attacks from being profitable to the hacking collectives.
If you have any questions regarding the Kaseya attack, Ransomware, or any of the NERC CIP Standards, NIST Cyber Security Standards, or general utility cyber security questions, please contact the GDS Cyber Security Team:
Bill Bateman Bill.Bateman@gdsassociates.com
James Fenstermaker James.Fenstermaker@gdsassociates.com
Dex Underwood Dex.Underwood@gdsassociates.com