Supply Chain Ransomware Attack (July 2rd 2021)

Started by Blast, July 04, 2021, 05:02:09 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Blast

July 04, 2021, 05:02:09 PM
Apparently "Kaseya VSA" is used by many companies to manage their supply chain. It's been hit by what's believed to be the Russian hacker/ransomware group "REvil", cause three service to shut down. We've all lived through a supply chain disaster...hopefully this won't be as bad.

https://venturebeat.com/2021/07/03/supply-chain-attack-on-kaseya-infects-hundreds-of-victims-with-ransomware-what-we-know/
"Enterprises running Kaseya VSA remote monitoring and management tools should shut down servers running the service immediately, Fred Voccola, CEO of IT company Kaseya said in a warning posted on Friday. Attackers behind the ransomware attack are disabling administrative access to VSA once they have access to the victim network, complicating efforts to contain and remove the ransomware."
-Blast
My book*: Outdoor Adventures Guide - Foraging
Foraging Texas
Medicine Man Plant Co.
DrMerriwether on YouTube
*As an Amazon Influencer, I may earn a sales commission on Amazon links in my posts.

boskone

#1
July 04, 2021, 06:03:46 PM
One note: a supply-chain attack means that the attack comes from "up-chain" of a company; in this case, the vector was Kaseya VSA, but the attack was actually executed against end-user companies.  It doesn't have anything to do with the actual management of supply chains, at least directly; the attack's a general network attack and so might include supply-chain management, but it's not specifically targeting supply-chain management.

I'll bet that most of the companies tried to cheap out on network security, and are probably going to be reaming their IT personnel a new one despite not supplying the funds IT needs to prep for something like this.  IT is all too commonly regarded as a cost-sink rather than a potential savings center, and so typically resource-starved.  There's an old saying in IT: when everything's working, they don't know why they pay you; but when it all goes to hell, they don't know why they pay you.

Blast

#2
July 05, 2021, 10:23:03 AM
Quote from: boskone on July 04, 2021, 06:03:46 PM
One note: a supply-chain attack means that the attack comes from "up-chain" of a company; in this case, the vector was Kaseya VSA, but the attack was actually executed against end-user companies.  It doesn't have anything to do with the actual management of supply chains, at least directly; the attack's a general network attack and so might include supply-chain management, but it's not specifically targeting supply-chain management.

Thanks for clarifying!
-Blast
My book*: Outdoor Adventures Guide - Foraging
Foraging Texas
Medicine Man Plant Co.
DrMerriwether on YouTube
*As an Amazon Influencer, I may earn a sales commission on Amazon links in my posts.
Print
Go Up Pages1
User actions
SMF spam blocked by CleanTalk