[et_pb_section fb_built=”1″ _builder_version=”4.9.4″ _module_preset=”default”][et_pb_row _builder_version=”4.9.4″ _module_preset=”default” custom_padding=”||0px|||”][et_pb_column type=”4_4″ _builder_version=”4.9.4″ _module_preset=”default”][et_pb_text _builder_version=”4.9.4″ _module_preset=”default” custom_padding=”||0px|||” hover_enabled=”0″ sticky_enabled=”0″]<\/p>\n
Over the weekend, thousands of businesses were caught up in a global cyber-attack<\/strong> that is being blamed on a Russian hacker group called Revil. It is disappointing when geo-politics impacts everyday business, and the reports talk about President Biden ordering a probe. Let us hope that any probe can restrict and reduce ransomware in general.<\/p>\n This attack was vectored through a piece of IT support software called Kaseya VSA, used widely around the world, including by a number of NZ IT support businesses. The irony is that this tool is used specifically to manage software patches for organisations to help keep them safe from hackers.<\/p>\n <\/p>\n [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”2_5,3_5″ _builder_version=”4.9.4″ _module_preset=”default” min_height=”291px” custom_margin=”8px|auto||auto||”][et_pb_column type=”2_5″ _builder_version=”4.9.4″ _module_preset=”default”][et_pb_text _builder_version=”4.9.4″ _module_preset=”default”]<\/p>\n Kaseya is an excellent support product, and is very similar to the tool we use. A number of friendly competitors do use it, and they have been working through guidance from the supplier today. We have offered assistance to them.<\/p>\n Some of the businesses you interact with may be impacted.<\/p>\n So far there are reports of over 1,000 businesses around the world being impacted<\/strong>, and ransom between $US64,000 and US$5M being demanded.<\/p>\n [\/et_pb_text][\/et_pb_column][et_pb_column type=”3_5″ _builder_version=”4.9.4″ _module_preset=”default”][et_pb_image src=”http:\/\/kinetics.co.nz\/wp-content\/uploads\/2021\/07\/RansomDemand3.jpg.png” title_text=”RansomDemand3.jpg” _builder_version=”4.9.4″ _module_preset=”default”][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.9.4″ _module_preset=”default” custom_padding=”36px|||||”][et_pb_column type=”4_4″ _builder_version=”4.9.4″ _module_preset=”default”][et_pb_text _builder_version=”4.9.4″ _module_preset=”default” hover_enabled=”0″ sticky_enabled=”0″]<\/p>\n It is clever to attack common software used by many businesses.\u00a0 There are all sorts of shared software like this in use, from antivirus to desktop support utilities, and from remote control tools to more sophisticated platforms like Kaseya.\u00a0 There are common login tools, EDI, conferencing software, reporting and so on, all vital to ensure organisations can be more productive together.<\/p>\n At Kinetics we have been aware of the possibilities of these types of supply chain attacks.\u00a0<\/strong> We have highlighted them in our security webinars and news posts.\u00a0 We have been vigilant with our software tools and ensured all supplier guideline recommendations are complied with, as part of a layered security web.\u00a0 In the case of the Kaseya attack, it looks like an auto-update feature was exploited.\u00a0 This has reinforced our procedure which is more proactive and cautious.<\/p>\n There will be lots of lessons coming over the next few days and we can all learn from them.<\/strong><\/p>\n We\u2019ve been warning about the massively increased cyber-risk environment for some time, and it just got even worse. The risk is real.\u00a0 Every business is a target and at risk.\u00a0\u00a0One lesson we can call out is the need for DR planning, and being aware of the support tools from all suppliers that are in use on your platform.\u00a0 Every organisation needs practices to reduce risk, and manage both intrusion protection and recovery.<\/strong><\/p>\n We will set up a webinar in a couple of weeks to review this in more depth so we can share our learnings.<\/strong><\/p>\n <\/p>\n Refer :<\/strong><\/p>\n Global ransomware attack on software supplier Kaseya before US Fourth of July holiday leaves companies scrambling – NZ Herald<\/a><\/strong><\/p>\n Worldwide ransomware attack: St Peter’s College and 10 other schools hit by US cyber attack – NZ Herald<\/a><\/strong><\/p>\n Kaseya VSA ransomware attack: Biden orders probe | RNZ News<\/a><\/strong><\/p>\nKinetics does NOT use Kaseya. Neither us, nor any of our clients were impacted.<\/strong><\/h3>\n
Is your software supply chain safe?<\/h2>\n