Text only | Text with Images

Undead Forums of ZS

Prepping Discussion => Disasters in Current Events => Topic started by: Blast on July 04, 2021, 05:02:09 PM

Title: Supply Chain Ransomware Attack (July 2rd 2021)
Post by: Blast on July 04, 2021, 05:02:09 PM
Apparently "Kaseya VSA" is used by many companies to manage their supply chain. It's been hit by what's believed to be the Russian hacker/ransomware group "REvil", cause three service to shut down. We've all lived through a supply chain disaster...hopefully this won't be as bad.

https://venturebeat.com/2021/07/03/supply-chain-attack-on-kaseya-infects-hundreds-of-victims-with-ransomware-what-we-know/
"Enterprises running Kaseya VSA remote monitoring and management tools should shut down servers running the service immediately, Fred Voccola, CEO of IT company Kaseya said in a warning posted on Friday. Attackers behind the ransomware attack are disabling administrative access to VSA once they have access to the victim network, complicating efforts to contain and remove the ransomware."
-Blast
Title: Re: Supply Chain Ransomware Attack (July 2rd 2021)
Post by: boskone on July 04, 2021, 06:03:46 PM
One note: a supply-chain attack means that the attack comes from "up-chain" of a company; in this case, the vector was Kaseya VSA, but the attack was actually executed against end-user companies.  It doesn't have anything to do with the actual management of supply chains, at least directly; the attack's a general network attack and so might include supply-chain management, but it's not specifically targeting supply-chain management.

I'll bet that most of the companies tried to cheap out on network security, and are probably going to be reaming their IT personnel a new one despite not supplying the funds IT needs to prep for something like this.  IT is all too commonly regarded as a cost-sink rather than a potential savings center, and so typically resource-starved.  There's an old saying in IT: when everything's working, they don't know why they pay you; but when it all goes to hell, they don't know why they pay you.
Title: Re: Supply Chain Ransomware Attack (July 2rd 2021)
Post by: Blast on July 05, 2021, 10:23:03 AM
Quote from: boskone on July 04, 2021, 06:03:46 PM
One note: a supply-chain attack means that the attack comes from "up-chain" of a company; in this case, the vector was Kaseya VSA, but the attack was actually executed against end-user companies.  It doesn't have anything to do with the actual management of supply chains, at least directly; the attack's a general network attack and so might include supply-chain management, but it's not specifically targeting supply-chain management.

Thanks for clarifying!
-Blast
Text only | Text with Images