Back Up Often And Off-Line To Help Address Ransomware Risks

The SolarWinds cyberattack that stole sensitive data from thousands of government offices and private companies was likely the largest security breach in history.

Now, an Israeli cybersecurity expert has said the ransomware attack conducted by the Russian-based cyber gang REvil before the Fourth of July holiday weekend may be even bigger.

The Fourth of July attack targeted IT management software provider Kaseya, which provides IT management tools to 40,000 customers worldwide. REvil only attacked around 40 of its clients; however, some of the targeted organizations are Managed Service Providers (MSPs) that work with hundreds of other organizations. 

According to the Israeli cybersecurity expert, thousands of organizations were affected by the attack, including the Swedish grocery store Coop, which had to close more than 800 stores because of downed systems. 

The cybersecurity expert says REvil intentionally conducted the attack at the beginning of a holiday weekend when many victims would be out of the office and would not learn of the attack for days.

REvil has demanded large ransoms from victimized companies, in some cases as much as $50,000 per employee.

Kaseya advised its clients to shut their servers down temporarily to avoid falling victim to the Fourth of July ransomware attack and to be suspicious of any communication from REvil.

In June 2021, a large U.S. meat packer paid an $11 million ransom after a similar attack shut down operations at several of its largest facilities.

According to the Israeli cybersecurity expert, "The only solution is preparing ahead, because the question isn't whether something like this will happen, but when." Zev Stub "July 4th ransomware attack may be the largest ever – expert" (Jul. 4, 2021).


Any organization is a potential target, including smaller employers.

Work with a cybersecurity expert to determine your organization’s vulnerabilities and address those vulnerabilities as soon as feasible.

Common protections include installing cybersecurity software and patching all software as instructed.

Equally important for any organization is backing up all important data in a safe, siloed location, like an external hard drive. It always a best practice to have several backups.  

Finally, have a plan in place on what to do if you receive a ransom demand, including what vendors you will need to call to assist you in addressing the risk.

Finally, your opinion is important to us. Please complete the opinion survey:

What's New

The Right And Wrong Way To Monitor Employee Internet Use

A recent announcement creates controversy over privacy rights. Employers often use technology to monitor employees. However, they must do so wisely. Read more.

Why Implementing "Zero-Trust Principles" Can Help Prevent Credential Hijacking

With cybercriminals relying less on malware, organizations must protect their networks, devices, and data with zero-trust security. Learn more.

Keep Devices And Wearables Close And Secure To Prevent Stalkerware

The FTC cracks down on one manufacturer of stalkerware. How can you keep stalkerware and other forms of spyware from tracking you? We provide tips.