#61 – How to Make Sure that Your IT Provider Is Not A Ransomware Target


img_4479

EFFECTED USERS: Anyone who uses email

Hair of fire 3 of 5

SUMMARY: A ransomware attack effected email for millions, and it was just out of date software that let the hackers in.

Rackspace Technology, a cloud service provider, suffered a ransomware attack in December 2022, which caused email outages for some of its clients. The company reported that a small number of its dedicated hosting customers were affected, but thousands of clients migrated to its cloud services. Rackspace stated that it was able to restore affected systems quickly and that no customer data was compromised. The company did not disclose whether a ransom was paid to the attackers.

According to an article in CPO Magazine article, the Rackspace ransomware attack highlights the need for organizations to have a comprehensive cybersecurity strategy and to regularly review and update their security measures.

Former Microsoft employee and security researcher Kevin Beaumont stated that the Rackspace ransomware attack leveraged the ProxyNotShell Microsoft Exchange vulnerabilities According to Beaumont, Rackspace’s Microsoft Exchange servers had build numbers predating the ProxyNotShell vulnerability. He estimated that thousands of small and medium businesses had been impacted by Rackspace email outages.

Source: https://www.cpomagazine.com/cyber-security/rackspace-ransomware-attack-caused-email-outages-thousands-of-customers-migrated-to-cloud-services/

Here with me to discuss this today is: Yaniv Bar-Dayan.
Yaniv is the CEO and co-founder of Vulcan Cyber, a cyber risk vulnerability management platform. Yaniv is also a veteran of an elite Israeli military intelligence unit and has led numerous high-value cyber security projects throughout his career.

Welcome Yaniv.

So, What happened at Rackspace?

  • Servers not updated after Microsoft patched a vulnerability. The hackers found and exploited this unpatched system.

Questions to ask of MSP’s:

  • What is your vulnerability management policy?
  • Identity and access policy?
  • What is your Service Level Agreement (SLA) policy? Uptime? Data protection?
  • What is your disaster recovery policy?

Here are some Google/Bing Search terms to learn more:

  • “templates for vulnerability management programs”
  • “how do I hold my MSP Accountable to their vulnerability managment policy

OTHER RESOURCES

Yaniv’s LinkedIn: https://www.linkedin.com/in/ybd/ 

Yaniv’s Company – Vulcan Cyber: https://vulcan.io/ 

Vulcan Cyber Blog: https://vulcan.io/blog/ 

Vulcan Cyber Twitter: https://twitter.com/vulcancyber

Free Vulcan Account: https://vulcan.io/lp/vulcan-free/

That’s all the time we have!

Don’t forget to check out our sponsor, and home of my day-job: SAFE Classroom, at http://www.thesafe.io

Thanks for listening.

Published by

Unknown's avatar

David W. Schropfer

David W. Schropfer is a technology executive, author, and speaker with deep expertise in cybersecurity, artificial intelligence, and quantum computing. He currently serves as Executive Vice President of Operations at DomainSkate, where he leads growth for an AI-driven cybersecurity threat intelligence platform. As host of the DIY Cyber Guy podcast, David has conducted hundreds of interviews with global experts, making complex topics like ransomware, AI, and quantum risk accessible to business leaders and consumers. He has also moderated panels and delivered keynotes at major industry events, known for translating emerging technologies into actionable insights. David’s entrepreneurial track record includes founding AnchorID (SAFE), a patented zero-trust mobile security platform. He previously launched one of the first SaaS cloud products at SoftZoo.com, grew global telecom revenue at IDT, and advised Fortune 500 companies on mobile commerce and payments with The Luciano Group. He is the author of several books, including Digital Habits and The SmartPhone Wallet, which became an Amazon #1 bestseller in its category. David holds a Master of Business Administration from the University of Miami and a Bachelor of Arts from Boston College.

One thought on “#61 – How to Make Sure that Your IT Provider Is Not A Ransomware Target

  1. Pingback: Cybersecurity Expert Yaniv Bar-Dayan on DIY Cyber Guy – DIY CyberGuy with David W. Schropfer

Comments are closed.