Hackers carried out one of the largest supply chain cyber attacks to date

Hackers have just carried out one of the largest known supply chain cyber attacks to date.This Financial Times with Wall Street Journal The report says IT management software giant Kaseya Victim To a ransomware attack that destroyed its VSA remote maintenance tool. The company initially claimed that “less than 40” of its customers were directly affected, but security response company Huntress said that three hosting service providers that it worked with were also attacked and endangered more than 200 companies.

This number may be higher. Huntress pointed out that there are eight affected cloud service providers that may affect more companies. Swedish supermarket chain Coop shut down After one of its contractors became a target, nearly 800 stores became a target.

Kaseya said it has identified the possible source of the security vulnerability and is developing a patch that will be “thoroughly tested.” At the same time, the company urges all customers to shut down their VSA servers and keep them offline until they can install updates. Kaseya added that software-as-a-service customers “will never be at risk,” although the company has cancelled the feature as a precaution.

It’s not certain who was behind the attack, although the huntress Bundled up election campaign To the REvil organization related to Russia Attack on beef supplier JBS.

This incident is the latest in a series of high-profile ransomware attacks, including JBS and Colonial pipeline. It also follows the large-scale SolarWinds vulnerability Attributed to another group, Nobelium. Online security is quickly becoming a major issue in the supply chain, and it is not clear whether these issues will disappear anytime soon.

Kaseya’s violations also reflect the danger of relying heavily on a company’s software platform. Although the number of directly affected customers is small, the supply chain network seems to have had a ripple effect, damaging the interests of many companies. The situation may not improve until stricter security or more competition among suppliers like Kaseya to reduce potential damage.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you purchase goods through one of these links, we may earn member commissions.

Leave a Reply

Your email address will not be published. Required fields are marked *