Recent high profile cyber attacks show rising threat of ransomware-as-a-service
Recent high profile cyber attacks represent a rising threat of ransomware-as-a-service providers, according to Open Systems.
Ric Longenecker, chief information security officer at Open Systems, says last week's REvils ransomware attack on Kaseya and its attack on JBS last month, show even relatively inexperienced cybercriminals can wreak havoc on entire companies, and in Kaseya's case, entire industries and downstream customers.
He says this trend of ransomware-as-a-service is continuing to evolve and cybersecurity providers need to stay ahead of the risk.
"The recent Kaseya attack shows a continuing and disturbing trend," Longenecker says.
"Well established 'ransomware-as-a-service' groups like REvil have simply moved from striking 'high profile' targets like Solarwinds and Fortune 500 companies to targeting service providers for small and medium-sized businesses." he explains.
Open Systems provides an adaptable and scalable SASE platform with tightly integrated managed detection and response (MDR) service and zero trust network access (ZTNA),
"These smaller targets may not guarantee a massive payout, but theres less of a chance of consequences or reprisals because it is really difficult for authorities to diplomatically respond like-for-like to an attack that does not touch critical industries or infrastructure," Longenecker says.
"Even though this attack is not impacting the United States as much as other countries, risk is still increasing for both cybersecurity providers and the customers we serve," he says.
"And these recent events continue to reinforce how interconnected and complex IT can be."
Last week saw US-based Kaseya, which provides IT management software for Managed Service Providers and small to mid-sized businesses, had its VSA software infiltrated with ransomware.
Hundreds of organisations across the world have been affected, including several organisations in New Zealand as well as 11 education providers.
The attack saw up to 1500 businesses around the world affected. REvil ransomware group, who claimed responsibility for the breach, have demanded US$70 million to restore all the affected businesses' data
New Zealand-based cybersecurity watchdog CERT NZ urged all users of the software to shut it down until further notice.
Kaseya chief executive, Fred Voccola, commented on the incident, Our global teams are working around the clock to get our customers back up and running.
“We understand that every second they are shut down, it impacts their livelihood, which is why we're working feverishly to get this resolved," he said.
"Kaseya is actively engaged with various governmental agencies, including the FBI, CISA, Department of Homeland Security and the White House.