Cyanweb Solutions, an Australian digital marketing and web services provider, recently suffered a cyberterrorist attack that resulted in the destruction of the company's cPanel web hosting server, the provider says.
More than 435 Cyanweb customer accounts were affected by the cyberattack, and an estimated 12 percent of customer data survived the attack, according to a prepared statement.
A Closer Look at the Cyberterrorist Attack
Cyberterrorists overloaded Cyanweb's server with sequential Swiss server IP addresses; these IP addresses sometimes are used by cybercriminals and cyberterrorist groups during distributed denial-of-service (DDoS) attacks, the company said. As Cyanweb focused on the DDoS attack, cyberterrorists simultaneously infiltrated the company's server, escalated their privileges and delivered a seek-and-destroy payload.
The cyberattack payload located and destroyed all backup disk drives, encrypted all user accounts and discovered and deleted database tables, Cyanweb indicated. Also, no ransom demand files or contacts were found, and there was no evidence that cyberterrorists downloaded any data from Cyanweb's server.
Cyanweb Responds to the Cyberattack
The cyberattack resulted in "total data loss," Cyanweb pointed out. Meanwhile, Cyanweb has a three-person team in place, and cyberattack recovery may require between 1,200 and 2,500 hours to complete.
Cyanweb shut off its server after it identified the cyberattack, the company stated. Email addresses attached to Cyanweb accounts were destroyed in the cyberattack, and the company does not have the information to rebuild user accounts from scratch.
To date, Cyanweb has provided instructions on its website to ensure customers can set up temporary holding pages for their sites, according to the company. It plans to provide recovered hosting cPanel logins and domain manager login details to customers as soon as possible.
Cyanweb also is evaluating its security measures and intends to incorporate extra backup layers into its servers, the company stated. In addition, Cyanweb will continue to provide updates throughout the recovery process.
Key Takeaways for MSSPs
The Cyanweb cyberattack shows that businesses – regardless of size or industry – are susceptible to cyberterrorism. However, MSSPs can help companies prioritize cybersecurity and quickly resolve cyberterrorist attacks.
MSSPs can teach companies about a wide range of cyber threats and help these businesses plan accordingly. By doing so, MSSPs enable businesses to increase their cybersecurity preparedness, lower their cybersecurity costs and improve their cybersecurity programs.