Another day, another ransomware attack. This time, we are influencing large and small companies that use IT software from a company called Kaseya. May’s hottest ransomware attack hits the world’s largest meat stuffing company and the US’s largest fuel pipeline, highlighting how the robbery hacker gang attacked, disrupting the economy, It can endanger life and livelihood. What is ransomware? Ransomware encrypts and scrambles the data in the target organization. The criminal leaves instructions on the infected computer to negotiate a ransom payment. Once payment is complete, you will be provided with a decryption key to unlock these files. Ransomware scammers are also spreading to blackmail data theft. Before triggering encryption, you may threaten to quietly copy a sensitive file and publish it unless you pay the ransom. What is a supply chain attack? The latest attacks affecting Kaseya’s customers are a combination of ransomware manipulation and what are called supply chain attacks. This typically sneaks malicious code into software updates and automatically pushes them to thousands of organizations. Kaseya states that ransomware has influenced products for remote monitoring of networks. However, many of our clients are providers of a wider range of IT management services, which can affect many organizations. “What makes this attack stand out is the trickle-down effect from managed service providers to small businesses,” said John Hammond of security firm Huntless Labs. “Kaseya deals with large companies, from small businesses around the world, so it could eventually spread to companies of all sizes or sizes.” The most well-known recent supply chain to date. The attack was by and targeted by an elite Russian hacker. Software provider SolarWinds. But the motives were different. How does the ransomware gang run? The criminal organizations that dominate the ransomware business are mostly Russian-speaking and run almost exempt from Russia and its allies. Three years ago, it was only a moment, but syndication has become more sophisticated and skillful. They use dark web forums to organize and recruit while hiding their identities and movements with sophisticated tools and cryptocurrencies such as Bitcoin that make it difficult to track payments and money laundering. Most experts link Kaseya’s attacks to a group called REvil. A ransomware provider linked by the FBI to an attack on JBSSA, the world’s leading meat processor, during Memorial Day weekend. The group, which has been active since April 2019, offers ransomware as a service. In other words, we develop network paralysis software and lease it to so-called affiliates who infect targets and earn most of the ransom. Who will be affected? The attacks that affected Kaseya are not yet clear, but have already been accused of closing stores across the Swedish grocery chain because cash registers were not functioning. According to cybersecurity firm Emsisoft, there are agencies, more than 500 healthcare centers, 1,680 educational institutions, and thousands of companies. The loss of dollars is tens of billions of dollars. The exact number is difficult to understand. Many victims avoid reporting for fear of bad reputation.
Another day, another ransomware attack. This time, we are influencing large and small companies that use the IT software of a company called Kaseya.
May’s hottest ransomware attack hits the world’s largest meat packaging company and the U.S.’s largest fuel pipeline, potentially disrupting the economy and endangering lives and livelihoods by robbery hacker gangs I emphasized that.
What is ransomware? How does it work?
Ransomware uses encryption to scramble the data in the target organization. The criminal leaves instructions on the infected computer to negotiate a ransom payment. Once payment is complete, you will be provided with a decryption key to unlock those files.
Ransomware scammers are also spreading to blackmail data theft. Before triggering encryption, you may threaten to quietly copy a sensitive file and publish it unless you pay the ransom.
What is a supply chain attack?
The latest attacks affecting Kaseya’s customers are a combination of ransomware manipulation and what are called supply chain attacks. This typically involves sneaking malicious code into software updates and automatically pushing them to thousands of organizations.
Kaseya states that ransomware has influenced products for remote monitoring of networks. However, many of our clients are providers of a wider range of IT management services, which can affect many organizations.
“What makes this attack stand out is the trickle-down effect from managed service providers to small businesses,” said John Hammond of security firm Huntress Labs. “Kaseya handles large and small businesses globally, so it has the potential to eventually spread to companies of all sizes and sizes.”
To date, the most well-known recent supply chain attacks have been attributed to elite Russian hackers and targeted software provider SolarWinds. But the motives were different. It was not an attempt to force money, but a large-scale intelligence activity targeting government agencies.
How does the ransomware gang work?
The criminal organizations that dominate the ransomware business are mostly Russian-speaking and run largely exempt from Russia and its allies. Three years ago, it was only a moment, but syndication has become more sophisticated and skillful. They leverage dark web forums to organize and recruit while hiding their identities and movements with sophisticated tools and cryptocurrencies like Bitcoin that make it difficult to track payments and money laundering.
Most experts have linked Kaseya’s attacks to a group called REvil. This is the same ransomware provider that the FBI linked to an attack on Memorial Day holiday weekend against JBSSA, the world’s leading meat processor.
The group, which has been active since April 2019, offers ransomware as a service. In other words, we develop network paralysis software and lease it to so-called affiliates who infect targets and earn most of the ransom.
Who will be affected?
The magnitude of the attack affecting Kaseya is not yet clear, but it has already been accused of closing stores across the Swedish grocery chain because the cashier was not functioning.
Last year alone, ransomware gangs hit more than 100 federal, state, and local governments, more than 500 medical centers, 1,680 educational institutions, and thousands of companies, according to cybersecurity firm Emsisoft. The loss of dollars is tens of billions of dollars. The exact number is difficult to understand. Many victims avoid reporting for fear of bad reputation.
Its role in ransomware disassembly and supply chain attacks
Source link Its role in ransomware disassembly and supply chain attacks
