Tech company estimates recovery for 90 percent of clients by Monday night after massive cyberattack

A client of the Miami-based technology firm at the center of major ransomware attack predicted that 90 percent of its own clients would be able to conduct business by the end of the day on Monday.

JustTech said in a statement on Sunday that it and its clients had fallen victim to a cyberattack on July 2 that cybersecurity experts are linking to the Russia-based ransomware gang REvil.

“In this attack, REvil actors utilized a vulnerability in an industry leading security tool (Kaseya), which JustTech utilizes for our clients. A popular security tool that keeps bad actors out of clients’ networks everyday was hijacked and used to deliver ransomware to hundreds of our clients and thousands of users,” the firm said.

JustTech was not directly hacked by the group as the company Kaseya was, but it experienced an indirect breach since it was a client of Miami-based company. According to JustTech’s website, the company provides Xerox copiers and printer sales and support services, “managed network Services & IT Support,” and creates “custom apps for Xerox multifunction copiers.”

The company provides services to areas in Washington, D.C.; Virginia; Maryland; West Virginia; Kentucky and Ohio. JustTech has over 3,000 clients.

The business said that its goal was to have 100 percent of clients able to do business by Wednesday and said it would not charge clients related to its recovery efforts following the cyberattack.

“JustTech and several external security firms strongly feel this was a traditional ransomware attack and that no data was stolen rather only encrypted. Data on our encrypted backup servers can be restored,” the company said in a statement.

One of JustTech’s clients, the Maryland town of Leonardtown, reported it had been affected by the cyberattack. 

According to The Washington Post, JustTech emailed the town saying that neither of its “servers nor your network were directly hacked or breached. The intrusion came through the remote monitoring and security software we utilize from an industry leading provider.” 

JustTech told the Maryland town that REvil had demanded $45,000 per computer, but Leonardtown wasn’t seriously going to consider paying, according to the Post, which interviewed town administrator Laschelle McKay. Seventeen of the town’s 19 computers had been impacted by the attack.