Updated on 2023-01-04: Cloud-based Records Management Service Discloses Cyberattack
Cloud-based digital records management company Cott Systems has notified customers that it suffered an “organized cyberattack” in late December. Cott disconnected its servers to isolate the infection. As a result, many local governments across the US have been forced to turn to manual processes for birth certificates, marriage licenses, and real estate transactions.
Note
- This is impacting services in 21 states, who are fortunately able to revert to manual methods. While 93% of their infrastructure has been fixed, Cott Systems is still holding their service resumption date close, most likely as they want to be sure that prevent recurrence and know that recently breached companies are at the head of the line for attackers. Note to self – don’t just address the discovered attack vector, look for, and address, other weaknesses.
- The use of the term ‘organized cyberattack’ makes it sound as if the records management company had no way of protecting itself. Wouldn’t you say that all ransomware gangs are organized in their conduct of a cyberattack? Unless the attacker used a zero-day exploit, then security safeguards specified in best practice guidance like the Blueprint for Ransomware Defense are more than sufficient to protect against attack.
Read more in
Overview
Hundreds of U.S. counties were forced to resort to pen and paper after a cyberattack on their digital records management vendor, Cott Systems, disrupted vital records systems. Read more: Customer Update – January 2, 2023
