Opus Interactive Suffers Ransomware Attack, Losses Are Undetermined

Opus Interactive Suffers Ransomware Attack, Losses Are Undetermined

In today's video, I'm going to jump into this third-party ransomware attack that's affecting some other businesses. We're going to get into why these matters for your business. Let's jump into the content for today.

Opus Interactive, they are a web hosting firm. It looks like they're up somewhere in the northwest of the United States. They seem to have a lot of clients in the Oregon area. The reason we know this is because there's been two Oregon based organizations that have reported that their operations have been impacted by this cyber-attack on this hosting company, Opus Interactive. What's going on here is all their servers have been struck with ransomware at this hosting company and, that experts know of right now, it's affected the Oregon election systems. Not any government entity here. It's just the election system. But it's interesting because Oregon has a primary election coming up very, very soon. Their servers that they use for their election reporting donations, campaign contributions, was what was affected.

They are reporting no "government systems" have been affected, meaning that they are part of the municipal or state or local governments. This is just a separate system that was used by the election officials in the state of Oregon. That seems to be what is happening here, but then there’s also a private company that was also affected by this. If you're familiar with the company, Ruby Receptionist, Ruby Receptionist was also impacted by this third party cyberattack. Ruby came out and said that their operations have been affected and they're working with this Opus Interactive to get their systems back up and operational.

But think about this, Ruby Receptionist provides reception calling or answering services for a lot of small and medium sized businesses out there. If they can't answer calls, just think about the thousands and tens of thousands or potentially hundreds of thousands of businesses and people out there who don't have somebody answering their phone today or Ruby's just having trouble keeping up with their normal capacity because of what's going on.

This brings up a great topic for you to consider as a business person or business owner. Are you evaluating the third parties and the systems that you rely on that you might not own or control? Are you looking at these systems and doing the proper third party analysis to make sure that, A, these companies are doing what they can to protect your information and making sure that their services remain online, that they're cyber resilient and they have an incident response plan and that they have a business continuity plan. These are all very important questions that people need to start asking their partners and vendors as we move forward here.

What Xact I.T. Solutions recommend to our clients, when we meet with them, is that they evaluate their third parties constantly, asking them questions, just like you receive a questionnaire from maybe a partner that you do business with on what your cybersecurity practices are or maybe your cyber insurance company has sent you a questionnaire here or there asking you what your cybersecurity practices are. This is no different. You, as the business, need to have somebody responsible for reaching out to your third parties and making sure that they're not going to present a problem to you and your business' ability to deliver its products and services in a timely fashion.

Cybersecurity companies are seeing it too, too much now where companies are being impacted by another third party. People saw it with the Kronos and the Schedulefly's cyber-attack, where businesses just could not function or could not operate to their full capacity. In the Kronos example, companies couldn't run payroll properly for months and months while this system was down. It's really, really important that companies take this seriously.

Take advantage of this information. Go start putting a plan in place in your business to start evaluating your cyber security, but also evaluating your partners and vendors and suppliers third party cyber security strategy, because what they're doing could impact you or what they're not doing could impact you. The lesson learned here from Opus Interactive attack, check the third parties that you're working with and make sure that they're not going to cause a problem in your business because your employees, your customers, are depending on you to be open and operational every day. At this point in the game, when people know that this stuff is going on, it's kind of negligent for anybody to sit there and say, "Well, we didn't realize that that company going down could potentially impact our business."

You need to understand what the critical pieces are in your business that you need to deliver your products and services. You need to make sure that you have backups in place, other things that you can do, or you understand what will happen if this particular thing or system goes down and we don't have it available to us, what are we going to do? That's the most important thing. You want to do that ahead of time. You don't want to be figuring that out in the middle of an event. If you need any help with this stuff, guys, reach out to us.