Several headline grabbing cyberattacks have taken place in recent weeks and months. While such cyberattacks are nothing new, some of these attacks have been directly targeted at critical infrastructure and supply chain companies. This focused type of strike is no accident, and it shows the evolving intent of threat actors to cause as much disruption as possible. By aiming their efforts at companies with direct ties to the well-being of the public and private sectors, cybercriminals continue to up the ante in terms of scope, reach, and cost of their attacks.
Organizations of all sizes have been impacted by these infrastructure and supply chain incidents. Even if a company is not directly targeted, a trickle-down effect is evident as complications and crises extend beyond the offices and servers of those caught in the crosshairs. The attacks are worth examining to understand how the risks that similar events may have on your company. In our ever-connected business world, the need for adequate planning and security measures has never been more important.
Supply Chain Security Issues Highlighted by Kaseya Attack
One of the most recent supply chains cyberattacks is also one of the most alarming. Before the Independence Day holiday weekend, a ransomware attack orchestrated by the notorious hacker group REvil hit the software supplier Kaseya. Ransomware infected thousands of computers at hundreds of different businesses via Kaseya’s virtual system administrator (VSA), which monitors their customers’ networks remotely. This software is widely used, and the initial attack crippled the networks of around 200 organizations.
Kaseya seems to have gone into remediation mode quickly, urging customers to shut down any servers running the ransomware-infected software. But, of concern, the company downplayed the event by stating that only a small number of their customers were affected. At the same time, other industry insiders compared the scale of it to the SolarWinds attack of late 2020. Kaseya works with businesses of all sizes, and this ransomware had the potential to reach nearly all of them.
Regardless of the exact number of businesses affected, the impacts of this event on the companies using Kaseya’s VSA are apparent. Its impact is massive in its reach and is likely the largest supply-chain attack ever. The timing of the attack appears to have been thought out as well, as the days leading to the holiday weekend saw fewer IT staff members at many of the affected businesses.
Supply chain attacks can be particularly troubling for smaller-scale businesses that don’t have dedicated IT and security teams to deal with these issues. Small businesses put a certain amount of trust in the software companies they work with, and this trust is exactly what the cybercriminals are violating. If you own or operate a small business and put your security in the hands of a software supplier, you risk being out of luck when push comes to shove. Other forms of data breach defense and planning are essential to better navigate these types of events.
A larger business may have better tools for handling a ransomware attack, but they are often a bigger target for the cybercriminals to exploit. While the top levels of government and cybersecurity still advise against making ransom payments, larger organizations have been known to cough up multi-million-dollar payments to get operations back online. With a crippling attack literally shutting down a business in seconds, the best course of action is often difficult to discern.
There have been some indications that security flaws existed in Kaseya’s software in the years leading up to this attack. Some concerns reported by employees included using outdate code, poor encryption, and not following basic-level cybersecurity measures. That may seem astounding given the number of businesses that use Kaseya’s VSA. Still, it also demonstrates that relying on a supply chain provider for adequate security is far from a viable option.
Infrastructure Attacks Have Extended Reach
Several other notable infrastructures cyberattack have also occurred in recent months. Another ransomware attack by REvil hit the meatpacking company JBS in June. This attack disrupted the supply chain for meat products in the USA, other parts of North America, and Australia. JBS is the largest meatpacking company in the world, and the attack halted operations at nearly all of its US plants when the incident occurred.
The Colonial Pipeline ransomware incident in May was another major infrastructure attack. This pipeline delivers nearly half of the fuel to the eastern US, and it was forced to shut down all operations in the immediate aftermath of the attack to limit the attack’s scope and reach. Fuel shortages and customer panic were seen quickly after news of the attack broke. Several states announced State of Emergency orders to deal with potential shortages. With oil still being a significant resource for much of the nation’s industry, this attack demonstrated just how vulnerable the US infrastructure could be, and the Federal government quickly got involved – something they typically don’t often do with corporate ransomware attacks.
Impacts on Your Business
These major supply chain and infrastructure attacks have wide-reaching consequences. And they are growing in severity and scope. The potential impacts on businesses of all sizes continue to grow right alongside the risks. No matter what industry or sector your organization is in, the risk of cyberattack remains strong. The incidents mentioned above show that even if you aren’t a direct target of the attacks, proper defenses are required to limit the broad arching issues associated with a cyberattack.
LibertyID is the leader in identity theft restoration, having restored the identities of tens of thousands of individuals without fail. If you retain personal information on your customers, now is the time to get data breach planning and a response program in place with our LibertyID for Small Business data breach preparation program. With LibertyID Enterprise you can now add value to existing products, services, or relationships by covering your customers, employees, or members with LibertyID’s fully managed identity theft restoration service – at a fraction of our retail price – with no enrollment and no file sharing. We have no direct communication with your group members – until they need us.
Call us now for a no obligation proposal at 844-44-LIBERTY (844) 445-4237