Cybercriminals recently used ransomware to encrypt data from ASP.NET web hosting provider SmarterASP.NET, according to the company. SmarterASP.NET is working to resolve the issue and developing a new system to prevent similar incidents.
The SmarterASP.NET ransomware attack was discovered last week and affected both customer data and the company itself, ZDNet reported. SmarterASP.NET's website was inactive Saturday but reactivated Sunday, but some customers' accounts, data and websites remain inaccessible.
SmarterASP.NET has more than 440,000 customers worldwide. In addition, SmarterASP.NET manages data centers in the United States and Europe.
Cybercriminals Launch Ransomware Attack Against Insynq
The SmarterASP.NET cyberattack comes after Insynq, a web hosting and cloud services provider that works closely with MSPs, experienced a ransomware attack in July.
Insynq discovered the ransomware attack on July 16. The company began manually restoring customer accounts less than one week after the ransomware attack and ensured thousands of affected desktops were up and running within a few weeks of the incident.
CISA Offers Tips to Guard Against Ransomware Attacks
No organization is immune to ransomware attacks, and the U.S. Department of Homeland Security‘s Cybersecurity and Infrastructure Security Agency (CISA) offers the following recommendations to help organizations guard against these attacks:
- Keep software and operating systems up to date.
- Do not click on links or open attachments in unsolicited emails.
- Perform regular data backups.
- Limit user permissions to install and run software applications.
- Conduct application whitelisting to ensure only approved programs can run on a network.
- Use spam filters.
- Scan incoming and outgoing emails and filter executable files accordingly.
- Set up firewalls to prevent access to known malicious IP addresses.
MSSPs also can help organizations quickly identify and address ransomware attacks. They can provide endpoint detection and response (EDR), security information and event management (SIEM) and other security services, and in doing so, help organizations keep pace with ransomware attacks and other evolving cyber threats.