SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Cybersecurity
#
IT Automation
#
Malware
Recent high profile cyber attacks show rising threat of ransomware-as-a-service
Mon, 12th Jul 2021
FYI, this story is more than a year old
Author image
By Shannon Williams, Journalist
Follow us

Recent high profile cyber attacks represent a rising threat of ransomware-as-a-service providers, according to Open Systems.

Ric Longenecker, chief information security officer at Open Systems, says last week's REvils ransomware attack on Kaseya and its attack on JBS last month, show even relatively inexperienced cybercriminals can wreak havoc on entire companies, and in Kaseya's case, entire industries and downstream customers.

He says this trend of ransomware-as-a-service is continuing to evolve and cybersecurity providers need to stay ahead of the risk.

"The recent Kaseya attack shows a continuing and disturbing trend," Longenecker says.

"Well established 'ransomware-as-a-service' groups like REvil have simply moved from striking 'high profile' targets like Solarwinds and Fortune 500 companies to targeting service providers for small and medium-sized businesses." he explains.
 
Open Systems provides an adaptable and scalable SASE platform with tightly integrated managed detection and response (MDR) service and zero trust network access (ZTNA),

"These smaller targets may not guarantee a massive payout, but theres less of a chance of consequences or reprisals because it is really difficult for authorities to diplomatically respond like-for-like to an attack that does not touch critical industries or infrastructure," Longenecker says.

"Even though this attack is not impacting the United States as much as other countries, risk is still increasing for both cybersecurity providers and the customers we serve," he says.

"And these recent events continue to reinforce how interconnected and complex IT can be."

Last week saw US-based Kaseya, which provides IT management software for Managed Service Providers and small to mid-sized businesses, had its VSA software infiltrated with ransomware.

Hundreds of organisations across the world have been affected, including several organisations in New Zealand as well as 11 education providers.

The attack saw up to 1500 businesses around the world affected. REvil ransomware group, who claimed responsibility for the breach, have demanded US$70 million to restore all the affected businesses' data

New Zealand-based cybersecurity watchdog CERT NZ urged all users of the software to shut it down until further notice.

Kaseya chief executive, Fred Voccola, commented on the incident, Our global teams are working around the clock to get our customers back up and running.

“We understand that every second they are shut down, it impacts their livelihood, which is why we're working feverishly to get this resolved," he said.

"Kaseya is actively engaged with various governmental agencies, including the FBI, CISA, Department of Homeland Security and the White House.

Related stories
IBM strengthens cyber resilience alliance with Cohesity
Avocado Consulting expands partnership with CyberArk
Watch out! There are hidden dangers lurking in your PDFs
Can misconceptions derail the effectiveness of operational resilience?
Mako boosts defence against cyber attacks with Radware's protection services
Top stories
Fujitsu strengthens cyber security with new Australian, NZ division
Booming AI deepfake detector market set to hit USD $5.7 million by 2034
Biometrics market projected to reach USD $173.7bn by 2032, says report
Check Point boosts email security with new AI-powered features
SentinelOne makes it to CRN's inaugural AI 100 list