Exagrid

You would think that ExaGrid, a backup appliance and anti-ransomware service might know how to avoid ransomware, but it was hit. 

According to the company’s website, “ExaGrid offers a unique approach to ensure that attackers cannot compromise the backup data, allowing organizations to be confident that they can restore the affected primary storage and avoid paying ugly ransoms.” But in this digital edition of “the cobbler’s children have no shoes,” ExaGrid paid cybercriminals $2.6 million after it was hit with Conti ransomware. 

The FBI announced last month that Conti ransomware had been used against the Irish healthcare system and at least sixteen U.S. medical and first responder networks over the last year.

Exagrid paid the ransom May 13, after several days of negotiation with the attackers, who claimed to have had access to their systems for over a month. Their original terms were $7.5 million for the decryption of 800GB of “important information.” 

The attackers claimed to have exfiltrated highly sensitive data including the personal information of employees and clients, tax forms, non-disclosure agreements and contracts.

Upon publication of this article, the Exagrid website still touted seven industry awards for work in the area of ransomware recovery solution, but this attack will harm its reputation, proving once again that no one is immune from the scourge of a well-targeted attack.

Takeaways:

  • While security products are an essential tool for protecting against cyberattacks, nothing is 100% foolproof.
  • We are in the midst of an ongoing ransomware epidemic.
    • Practice the 3Ms:
      • Minimize your risk of exposure: Don’t take unnecessary risks and invest in cyber defenses and education.
      • Monitor networks and accounts: Unusual activity may be a sign that a cyberattack is underway.
  • Manage the damage: Plan ahead in the event of a successful cyberattack and have a cyber liability insurance plan to help offset the costs.