LogicMonitor hit by cyberattack

Network monitoring company LogicMonitor reported it fell victim to a cyber attack that affected a “small subset” of customers.


 

Attack used their own software against them

Once in, attackers used the LogicMonitor Collector sensors to distribute ransomware due to their scripting capabilities.


 

Untold damage

There are currently no estimates on the cost of damages, including lost/encrypted files.  Investigations are on-going and will determine the full scope of the incident.


News > Cyber-Attacks > Ransomware
by Kevin Wood

LogicMonitor fell victim to ransomware

 

 

Customers hacked in recent attack

In yet another example of how, if someone really wants to get into a system, they’re going to get in… LogicMonitor, a network monitoring company, confirmed yesterday that some of it’s customers have fallen victim to a cyberattack. 

While not confirming directly that the attacks were ransomware attacks, anonymous reports from sources close to the incident have confirmed that hacked customers saw local accounts compromised and ransomware being deployed.

What makes it worse is that the same source also confirmed that the hackers used the LogicMonitor Collector sensors to deploy the ransomware once they were in the system.  The Collector monitors server infrastructure but it also has scripting capabilities that allow back-end processes to be run.

Another separate report indicated that weak passwords were the reason attackers were able to gain access.  Customers using default passwords, or very simple passwords, were easily compromised as the attackers used public knowledge and brute-force attacks to gain access to systems.

What’s unknown is who is behind this attack and exactly what the ransomware did, and who was affected.  LogicMonitor stated they were working directly with affected customers to ensure they stay operational.

“LogicMonitor had reached out to us proactively with a possible username/password breach for a few of their customers via a call, which could lead to systems that are being monitored by LogicMonitor to be compromised with a ransomware attack and henceforth this proactive reach out,” one of the company’s customers also said.

An investigation is on-going as LogicMonitor looks to find out who is responsible for this.  As of yesterday, they reported all systems were back online and everything was operational, but it remains to be seen if that’s true or not.

It brings to the forefront yet again the importance of having multiple layers of security enabled in your network.  It’s imperative to have technology that is actively searching for vulnerabilities and attacks, technology to ensure everything is backed up and, in the event of a disaster, technology to recover quickly without much downtime.

Email our Sales team at sales@bbg-mn.com today to discuss how our Disaster Recovery as a Service platform is right for you and how it’ll help keep your company data safe.

 

  • Ransomware can strike anyone, at any time
  • Be prepared
  • Have the right detection software in place
  • Have a robust backup and recovery solution
  • If you’re concerned about any of these in respects to your organization, email us today at sales@bbg-mn.com to start a discussion!