A devastating supply chain cyberattack has spotlighted the nightmare for unprotected businesses when hackers strike.
At least 200 companies were hit by ransomware attacks following the hack of U.S. IT firm Kaseya last Friday, just hours before the 4 July weekend.
Analysts pointed the finger at the Russia-linked REvil ransomware gang – the same group blamed by the FBI for paralysing the world's largest meat supplier JBS in May.
The gang targeted a widely used software tool to reach into corporate networks across America in what experts called a “colossal and devastating supply chain attack.”
High-profile hacker technique
Supply chain cyberattacks are a growing high-profile hacker technique of hijacking one piece of software to compromise hundreds or thousands of users at a time.
Kaseya’s VSA tool is used by IT professionals to monitor and manage servers, desktops, network devices and printers.
The company, based in Miami, is investigating. It shut down some of its infrastructure and urged customers running VSA to immediately turn off their servers.
Because Kaseya is used by a vast range of businesses from large enterprises to small companies, the cyberattack has the potential to spread to organisations of any size or scale.
The U.S. Cybersecurity and Infrastructure Security Agency said it was “taking action to understand and address the recent supply chain ransomware attack.”
“Worst incident yet”
The BBC warned: “In this latest incident the hackers showed that by going after the software supplier of multiple organisations they can pop dozens, perhaps hundreds of victims in one go. We've seen horrendous supply chain attacks in the past but this one has the potential to be the biggest incident involving ransomware yet.”
Kaseya's website says it has a presence in more than ten countries and more than 10,000 customers, although not all use the compromised software.
REvil – also known as Sodinokibi – is one of the world’s most prolific and profitable cyber-criminal groups. It sometimes threatens to publish stolen documents on its "Happy Blog" if victims do not pay a ransom.
The danger of supply chain cyberattacks was first raised in 2020 after hackers tampered with a network-monitoring tool built by Texas software firm SolarWinds.
The average cost of a data breach caused by a malicious cyberattack is estimated at $4.27 million.
Investing in expert cyber security
It is essential that companies of all sizes invest in expert cyber security and supply chain risk management.
With C2 Cyber’s proprietary COBRA platform, our clients can identify the supply chain risks that pose the greatest threat to their business, then focus their limited resources on collaborating with supply partners to reduce them.
To find out how to protect your business from cyberattack, secure your supply chain and operate safely, call us today on +44 (0) 20 7965 7597 or book an appointment.