(844) 915-5155
(844) 915-5155

Rackspace Hacked in December 2022: How to Protect Your Organization from a Ransomware Attack

Rackspace Hacked in December 2022: How to Protect Your Organization from a Ransomware Attack
Published Dec 06, 2022

On December 2nd, 2022, Rackspace experienced a security incident that later determined to be a ransomware attack impacting tens of thousands of people. Rackspace is a public cloud computing company and an early service provider of cloud solutions. This article will discuss what happened, and how you can protect your organization from a ransomware attack on itself or its technology vendors in the future.

Rackspace ransomware incident impacts tens of thousands

“…this suspicious activity was the result of a ransomware incident.” In response Rackspace is continuing to move “tens of thousands of users” to Microsoft Office 365.

The entry point for the ransomware attack has not been disclosed, though based on circumstantial evidence we would infer that it came from an unpatched Microsoft Exchange vulnerability. We based this assumption on the fact that Microsoft Exchange vulnerabilities have been frequently exploited in 2022.

What is a ransomware attack?

rackspace ransomware

A ransomware attack is a combination of encryption software and hackers. The software encrypts your data preventing you from being able to access it unless a hacker provides you a decryption key which most frequently you need to pay for. The software can be initially installed in many different ways post compromising your environment.

An additional element of ransomware attacks that has become the norm since 2021 is exporting your data during the attack to cloud storage and then demanding payment for both providing you a decryption key and to prevent you from publicly selling or disclosing your data.

How to Protect Your Organization from a Ransomware Attack

There is no simple answer here. Ransonware attacks happen after you have already been compromised in any number of ways. Frequently the entry point is human error and/or lack of multi factor authentication system (MFA). Almost as frequently it is unpatched security weaknesses that hackers exploit.

Our best recommendation is to follow the Center for Information Security (CIS) 18 critical security controls from top to bottom – CIS regularly updates the critical controls based on findings of why compromises occur most frequently, and the controls address 98% of risk. Additionally, ensure that you have adequate cyberattack insurance as no one can be 100% protected.

How to Protect Your Organization from technology vendors security incidents

Again, there is no simple answer. We recommend minimally implementing two ISO standards

  1. ISO 27001 Section 15 – Supplier Relationships. This allows you to get control and awareness of your suppliers and vendors so you can determine before an event what your risk might be.
  2. ISO 22301 Security and resilience — Business continuity management systems. This allows you to put together a plan that you regularly test various incident scenarios to better prepare.

Though the Rackspace hack is unfortunate, having such a public company be visibly hacked, serves as a lesson that the rest of us can apply and prevent being hacked ourselves.

You may also like

Jul 18, 2022

Why XL.net Exists

Dear Small businesses, the people within them and XLnetters, I have struggled since early 2009, b...

Oct 19, 2020

We were published on Forbes.com!!

Thank you to the wonderful editors and proofreaders at Forbes.com for launching our article Four Tec...

May 21, 2020

Chicago IT Support and Outsourcing Selection Guide

Your business has decided it's time to change your Information IT support / Information Technology d...

Jan 18, 2023

The Complete Cyber Insurance Coverage Checklist

In 2021, small and mid-sized business owners attacked by cybercriminals spent an average of over $25...

Jan 17, 2023

How to Choose a Managed Services Provider for Your Business

A managed services provider (MSP) is a partner that provides for all of your IT needs, from security...

Jan 10, 2023

5 Important Benefits of Cyber Security Training You Should Know About

As a business owner, you know how valuable your data and information is and how it needs to be prote...