Threat Management, Malware, Ransomware

Ransomware attack on TrialWorks is one of 13 on MSPs and cloud-service providers in 2019

Law firms using case management software from TrialWorks found themselves unable to access their legal documents after the third-party service provider was hit with a ransomware attack earlier this month.

The Coral Gables, Florida-based company, which serves roughly 2,500 clients, was attacked back on Oct. 13, but reports of the incident only began to surface this week. According to a BleepingComputer report, TrialWorks did not acknowledge the attack in a public announcement, but did notify customers via email and assured them it was "actively decrypting and restoring data," which suggests the ransom was paid.

While the ransomware used in the attack was not revealed, the report further notes that the incident resembled a past Sodinokibi attack against the solutions provider Digital Dental Record (DDS).

TrialWorks was one of 13 managed service providers or cloud-based service providers known to be hit by ransomware in 2019, causing disruptions to their respective customer bases, researchers with Armor revealed in a newly released report.

Among those 13 are SchoolinSites, a cloud-based education solutions provider; MetroList, which provides listing services to real estate brokers and agents; CorVel, a risk management solutions company serving the worker's compensation, auto, health and disability management industries; and BillTrust, a B2B order-to-cash solutions provider.

"This uptick in successful ransomware attacks against MSPs and/or cloud-based service providers is a harsh reminder that organizations have to ensure that the third-party vendors they do business with are as equally protected against the current and emerging cyber threats, as they are," said Chris Hinkley, Head of Armor's Threat Resistance Unit (TRU) research team. "This is especially true, because as we have seen, a successful ransomware attack against a MSP/cloud-based service provider can be debilitating to their customers, as well as to their own company, as the attack can quickly shut down key systems which the customers depend on to run their organization."

"And of course, a ransomware attack against an MSP can be fatal, putting a MSP out of business," Hinkley added, citing PM Consultants, an IT consulting firm and support provider for dental practices that closed down last July after being crippled by ransomware.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.