The major technology provider CDW has reported that it is investigating claims made by a ransomware group that data was stolen in a recent cyberattack.
A company spokesperson reported revenues over $23 billion in 2022, claimed they are currently “addressing an isolated IT security matter associated with data on a few servers dedicated to the internal support for Sirius Federal, a small US subsidiary of CDW-G.
There were also several claims made this week by the LockBit ransomware collective, which demanded an $80 million dollar ransom in return for data, but was only offered $1 million allegedly. Even if the hacking group was willing to negotiate for a lower price than the current ransom demand, there’s still no guarantee that any data CDW may have lost will be recovered, or won’t be re-sold off to the highest bidder.
In fact, CDW has stated that they are aware that a third party had already made data available on the dark web which it claims to have taken from their environment. Cybersecurity expert Jon DiMaggio said the data leaked from CDW looks pretty bad from both a security and business standpoint.
The LockBit ransomware group continues to operating with near impunity, remaining some of the most prolific attackers currently operating. The gang has been responsible for crippling major hospital networks in New York, a city in France, and an electrical organization run by the government of Montreal just in the last 30 – 60 days.
Securing Your Devices and Email Phishing Preparedness
Ensuring that your devices software is fully up to date will help to prevent attacks like these from affecting your devices. By making sure that Windows software, as well as vulnerable tools such as WinRAR are up to date, these types of attacks can’t affect your machine. However keeping your devices up to date and secure is only half the battle. Prevention is the other half of the battle which can stop malicious code from affecting your machine before it even gets to you.
These attacks, and many other instances of such attacks first start with a phishing email. Known how to recognize phishing emails is key to preventing infecting files from ever reaching your computer in the first place. It’s important that you never open an archived file such as a .zip for example, from an email message.
It’s also a good idea to check the message headers at the top of any message you receive in Outlook to ensure that the person sending to you is who they say they are. You can also hover the mouse cursor over any hyperlinks within a message body, and view where the hyperlink will take you at the bottom-left corner in Outlook, before clicking that link.
When running an organization, from only a few employee’s to large corporate offices, cyber security is key to preventing massive data and financial loss. Partnering with a Managed IT Services provider like Natural Networks can help provide a secure email gateway which can block potentially malicious and phishing emails before they reach your teams inbox.
Furthermore, it’s necessary to constantly train your team to identify potential phishing emails and react accordingly. This form of training can help you identify potentially weak links, and users who may need additional help and training so as not to get fooled by an actual phishing email as mentioned above. If you’re interested in learning more about how Natural Networks can help you maintain IT peach of mind, give us a call today!
