everest attacks United States of America GOV
Incident Date:
April 6, 2022
Overview
Title
everest attacks United States of America GOV
Victim
United States of America GOV
Attacker
Everest
Location
First Reported
April 6, 2022
Ransomware Attack on R&D Incentives Group
Company Profile
R&D Incentives Group, a company dedicated to assisting businesses in claiming Research and Development tax credits, has recently fallen victim to a ransomware attack by the Everest group. This firm is notable for its collaboration with major accounting firms, leveraging a team of Big 4 CPAs, tax attorneys, engineers, and technology experts to maximize federal and state tax incentives through unique data gathering tools, comprehensive due diligence, and a streamlined client-centric process.
Vulnerabilities
The precise vulnerabilities exploited in the ransomware attack on R&D Incentives Group remain unspecified. However, it is widely acknowledged that ransomware attacks typically exploit software vulnerabilities, outdated systems, or human errors, such as susceptibility to phishing emails.
Impact
While the specific consequences of the ransomware attack on R&D Incentives Group are not detailed, references suggest that the incident led to system damage, business interruption, and contractual liabilities for a managed service provider (MSP) involved in a related case study.
Response
The response strategy employed by the MSP in the aftermath of the ransomware attack involved negotiating the ransom payment and securing a decryption key, facilitated by the CFC Response team. The details of R&D Incentives Group's direct response to the attack are not provided.
Prevention
To mitigate the risk of ransomware attacks, organizations are advised to adopt comprehensive cybersecurity measures. These include conducting regular software updates, providing employee training to recognize potential threats, and implementing multi-factor authentication. Furthermore, maintaining comprehensive technology E&O and cyber insurance policies can significantly reduce the financial impact of such cyber incidents.
The ransomware attack on R&D Incentives Group underscores the critical importance of maintaining vigilant cybersecurity practices. While the specific vulnerabilities exploited in this instance are not disclosed, the ramifications of ransomware attacks—such as system damage, business disruption, and contractual liabilities—demonstrate the substantial risks businesses face in the digital age.
Sources
- R&D Incentives Group: Understanding Small Business R&D Tax Credits
- No Easy Answers to Ransomware Riddle - Intelligize. URL: https://www.intelligize.com/no-easy-answers-to-ransomware-riddle/
- Ransomware Riddles: Unmasking the Cyber Threat - YouTube. URL: https://www.youtube.com/watch?v=dQw4w9WgXcQ
- Cyber Defenders: CIA's Matthew Riddle on Protecting Against Ransomware. URL: https://www.cia.gov/news-information/featured-story-archive/2020-featured-story-archive/cyber-defenders.html
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.