The Nightmare of Supply Chain Threats Becomes Real … Meet the Kaseya Attack


We must admit sometime, soon, that we are generally just not very good at cybersecurity. So while our core infrastructures are fairly well protected, it is often devices and systems at the edge of our networks that can provide a point of attack, a point of infection, and even a pivot point. Once behind a network firewall, there is often little in the way of detection and protection. The ultimate risk, though, is within our supply chain networks, as these infrastructures tend to interconnect and also are interdependent on other external entities. A malware infection in one part can thus affect other parts, and could bring down the whole infrastructure — like a house of cards.

Over the past few days, experts have been assessing the scope of the most recent large-scale ransomware attack (the Kaseya attack). At the core of this is the ransomware-as-a-service REvil infrastructure, which provides an end-to-end service for affiliates. For a share of the profits, this service supports affiliates in the setup of a campaign, the distribution of the malware, and the collection of payments. Now an affiliate of the REvil network is demanding a $70m ransom payment from the Kaseya attack in order to release thousands of victims, and millions of devices. It has managed to scale around the world, too, and has created infections…

Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.