Amazon.com Widgets
James Frey Official Website
Join the JAMES FREY mailing list
Click

Mo’ Ransom

from WIRED

A New Kind of Ransomware Tsunami Hits Hundreds of Companies

An apparent supply chain attack exploited Kaseya’s IT management software to encrypt a “monumental” number of victims all at once.

by BRIAN BARRETT

100 prism
The impact has already been severe and will only get worse given the nature of the targets. PHOTOGRAPH: RL PHOTOGRAPHY/GETTY IMAGES

IT WAS PROBABLY inevitable that the two dominant cybersecurity threats of the day— supply chain attacks and ransomware—would combine to wreak havoc. That’s precisely what happened Friday afternoon, as the notorious REvil criminal group successfully encrypted the files of hundreds of businesses in one swoop, apparently thanks to compromised IT management software. And that’s only the very beginning.

The situation is still developing and certain details—most important, how the attackers infiltrated the software in the first place—remain unknown. But the impact has already been severe and will only get worse given the nature of the targets. The software in question, Kaseya VSA, is popular among so-called managed service providers, which provide IT infrastructure for companies that would rather outsource that sort of thing than run it themselves. Which means that if you successfully hack an MSP, you suddenly have access to its customers. It’s the difference between cracking safe-deposit boxes one at a time and stealing the bank manager’s skeleton key.

[ click to continue reading at WIRED ]

Posted on July 2, 2021 by Editor

Filed under Weirdness | | No Comments »