Discussing the Impact of the Kaseya Supply Chain Attacks

Supply chain attacks such as the Kaseya incident are becoming common. A collaborative effort between businesses, MSPs and the concerned stakeholders is the way to fight back and reduce the risk of attack.

According to a GEP Research Report, the total cost of supply chain disruptions in 2020 was $4tn. While these disruptions were caused due to various reasons, such as COVID-19, diverging regulations, and commodity pricing fluctuations, 36% of the respondents said their supply chains were impacted due to cyberattacks. The Kaseya Supply Chain Attacks are a recent example.

In the survey, which included 400 C-suite executives at European and U.S. global companies, 64% reported revenue losses between 6% and 20% in 2020.

As U.S. businesses were shutting for the 4th of July national holiday, adversaries launched a well-timed supply chain attack on Florida-based software company, Kaseya Ltd., which makes a VSA product for managed service providers.

Attackers were targeting MSPs and then their customers who used the Kaseya VSA solution on-premise, with ransomware being executed at the end-point products.

Due to this, customers who use the on-premise VSA client were impacted by ransomware attacks.

In a move that was quite unexpected, on July 21, Kaseya received a universal decryptor for victims of the REvil ransomware attack. Since the decryption key was obtained from a “third-party,” the company tested its credibility and confirmed that it is actively helping its customers to decrypt their data and ensure safety.

REvil mysteriously disappeared from the internet on July 13 and all their sites were taken down.

Brian Pereira, Editor-in-Chief, CISO MAG, spoke to Andrew Hollister, Deputy CSO and VP Labs LogRhythm to discuss the impact of the Kaseya supply chain attack and mitigation strategies to check supply chain attacks.

Andrew Hollister is Vice President of LogRhythm Labs and Deputy Chief Security Officer (CSO) for EMEA, IMETA, and APJ. He is the most senior engineering lead outside the U.S. at the Security Information and Event Management (SIEM) platform provider. Hollister is responsible for overseeing LogRhythm Labs’ research in Threat, Compliance and Operational Risk. He also advises on LogRhythm’s product strategy and direction. Over the last nine years, Hollister has proven himself an invaluable member of the business and leadership team in Customer Care, Sales, Labs, and the OCSO organization.


About the Interviewer

Brian PereiraBrian Pereira is the Editor-in-Chief of CISO MAG. He has been writing on business technology concepts for the past 27 years and has achieved foundational certifications in cloud computing (IBM) and cybersecurity (EC-Council).

 

More stories from Brian