2023 is not going well for the UK in terms of ransomware attacks.
One of the leading newspapers of the country, guardianAttacked by ransomware in late December 2022, the paper’s owners finally admitted to staff that their data had been compromised three weeks after the start of the year.
Before any dust had settled on the matter, the UK’s main mail carrier, Royal Mail, was hit by a crippling ransomware attack using Lockbit 3.0 – a favorite ransomware attack method of Russian cybercriminal organizations, whose core components were leaked to the dark web in late 2022. . The effects of the attack lasted for several weeks and stopped outgoing mail from the island.
Then this happened…
Royal Mail continues to overcome a huge backlog caused by ransomware attacks as we head into February.
Today, a ransomware attack – again, is rumored to use the Lockbit method, and possible The Lockbit group itself – hit software supplier Aeon, and plunged the UK stock market into even more turbulent chaos since September 23.rd2022, when Prime Minister Liz Truss released a disastrous budget that wiped £30 billion off the British economy in the space of a day.
Why is ion attack so disastrous?
Because the software Aion provides is financial trading software, which is used by many prestigious trading houses in the City of London. By sending ransomware to Ion, the attackers compromised the activity of clients in 40 leading cities, meaning they could no longer use their computer systems to trade loans and derivatives around the world.
Atomic Ransomware.
These are systems that often depend on the second-to-important period, trading internationally to get the best results. Today, the Ion ransomware attack has caused traders to record their transactions with pen and paper, moving the process back nearly 50 years to a handful of heartbeats.
Ion released a brief and fairly terse statement about the attack and did not confirm that it was the work of the Lockbit group. “The incident is contained in a fixed environment, all affected servers have been disconnected and remediation of services is underway. Further updates will be posted as they become available,” it said.
It did not confirm – or deny – gossip that claimed the attack was made possible by exploiting a vulnerability in some VMWare servers.
While it would be both easy and dirty to take the “told you so” approach to such attacks, it is true that a significant number of cybersecurity experts have been trying to warn the business community for months that a) ransomware attacks will increase in prevalence throughout 2023, and b) That they would grow in their potential significance and mayhem.
Protect your supply chain.
In particular, the Ion attack distinguished itself as the first major “supply chain” ransomware attack of 2023. if guardian The attack proved that news organizations are by no means immune to ransomware, and the Royal Mail attack showed that it was possible to cripple a large part of the UK’s critical infrastructure, while the Ion attack showed the nuclear power of ransomware.
Whoever is ultimately responsible for the ion attack, has struck a link in the City of London’s trading chain. Up to 40 of the company’s clients were affected by any one incident. That’s why cybersecurity experts have been saying for months that ransomware can not only potentially destroy your business in an afternoon, it can also potentially take out your supply chain.
That means companies not only have a responsibility to their shareholders to make sure they’re doing everything they can to protect themselves from ransomware, they also have a responsibility to their supply chain – anyone they entice to do business with them – to make sure. They don’t account for the potential disaster other companies face due to cyber security negligence.
There is so far too little information about the attack to suggest whether there was any such negligence in the case of Ion, and to suggest that there was would be completely remiss. But the ratio of one injury to 40 subsidiary victims is a real-world example that experts have been urging the C-suites of companies around the world to take seriously for months.
A warning all Size of the business.
In the wake of the Ion attack, Jamie Akhtar, CEO and co-founder of CyberSmart (a company that deals with security for SMBs), said, “We’re not dealing with cybercriminals or threats. Instead, it looks like a calculated attack on the infrastructure that supports the UK’s financial system. What’s more, if the attribution rumors are true and the Lockbit group is behind the attack, it’s a sign that the ‘Cyber Cold War’ waged as part of the Ukraine conflict is starting to heat up.
We’ve seen a pattern of these attacks increasing over the past few months, so we urge all businesses, even SMBs, to be as vigilant as possible in updating and patching software, employing good cyber hygiene, and treating anything unusual with suspicion. “
While it may seem like there’s no connection between Ion, the main supplier to many top-flight financial companies in the City of London, and an average SMB, it’s important to understand how the cybercriminal world works. Big attacks, such as the Royal Mail Takedown and possible Ion Nuclear Bombs, are both highly effective in and of themselves, but they also serve as calling cards.
Although there has recently been a significant, virtually capitalistic, rash of consolidations and mergers in the cybercrime world (especially in the Russian sphere, where large firms have swallowed many smaller players), small operators still have to wet their lips.
A bad year for SMBs?
In early December 2022, Tech HQ sat down with Mike McLellan, Director of Intelligence for the SecureWorks Counter Threat Unit, who explained that ransomware will be a bigger threat to SMBs in 2023, as the nature of threats is likely to evolve. Including more attacks with smaller salaries that would likely avoid getting major attention from law enforcement.
This means, as well as momentous nuclear attacks like the Ion event that took the city of London back to the seventies, SMB can also have a rough year with ransomware.
Like businessmen who are investing in pencil sharpeners and erasers right now to finish their jobs tomorrow, the tech world is waiting to see how the ion attack finally shakes out.
