Major Dallas Data Center CyrusOne Inc. Discloses New Ransomware Attack
Cyberthreats are a serious problem in today’s world, and even those who are working hard to keep their data as safe as possible are at risk. This includes large data centers that have a primary objective of keeping their facility safe for all of their customers. In early December 2019, Dallas data center operator CyrusOne disclosed that they had suffered a ransomware attack. They told news outlets after the attack that they were working hard to restore service to six customers who were affected because of the attack.
The company said that most of the customers who were affected by the attack were hosted through the company’s data center in New York. This ransomware attack actually encrypted the devices of the managed service clients. The attack caused availability issues with a range of devices on the clients’ networks.
CyrusOne said that they are working with forensic specialists and law enforcement to investigate the attack. They also said that the Dallas data center colocation services were not involved in the attack. However, one of the clients that were affected was FIA Tech. This is a financial and brokerage firm, and they were without cloud services until CyrusOne was able to help restore the service. FIA Tech had to send out a message to its customers, letting them know what happened. They told their clients that the disruption was due to an attack that tried to obtain ransom from CyrusOne.
It was reported by ZDNet that the attack used a version of ransomware called REvil. This was not the first attack using this ransomware in 2019. In fact, in June of 2019, a number of managed service providers suffered the same type of attack. In August, more than 20 Texas local governments were affected, followed by more than 400 dentist offices in the United States.
REvil ransomware has been a massive problem for many companies since it was initially discovered during an attack on the WebLogic server from Oracle. McAfee, the security firm, tracked Bitcoin payments that had been made as ransom and found an account that had 443 Bitcoins in it. This was worth around $4.5 million. It is unclear if the attacks are all coming from one person or one group at this time.
The Need for Constant Vigilance
It’s true that there are many cyberthreats that are hard to detect and hard to stop. Sometimes, data centers and individuals are doing everything right, but they end up still becoming a victim. When attacks happen at the level that CyrusOne was affected, it has the potential to cause a cascading effect. Not only was CyrusOne affected, but so were six of their large clients, and those clients’ customers.
While it might not be possible to eliminate cyberthreats completely, it is important that attention is paid to these problems and that the authorities find the culprits. It is equally important for companies to continue to invest in quality security technology as it evolves and improves.