The one-year anniversary of the Kaseya ransomware attack is just around the corner on July 2nd. As we look back, cybersecurity leaders are able to analyze the events leading up to and during the attack in order to help prevent a future breach.
For the cybersecurity industry, 2021 may go down in history as the year of the software supply chain attack. The Kaseya ransomware attack is one of several – such as those involving SolarWinds, Accellion, Microsoft, and Log4j, to name a few – that demonstrated the frailty of the software supply chain and the need to shore up secure development practices, regardless of industry or company size. Impacting millions of users downstream, the scope and stealthy nature of these attacks illuminated the advanced capabilities and backdoors in use and woke us up to our own cyber insecurities in the world.
Kaseya was likely targeted not only because of its large and influential customer base, but also because of its access to enterprise IT networks, which are becoming increasingly connected to operational technology (OT), Internet of Things (IoT), Industrial IoT (IIoT) and Internet of Medical Things (IoMT) assets – the Extended IoT (XIoT) – to support critical manufacturing processes, building automation systems, and medical imaging equipment. In the ever-expanding universe of the XIoT, new attack vectors are always emerging because many of these systems were not necessarily designed to co-exist seamlessly. This will only accelerate as our reliance on online access to physical systems for greater automation, control, efficiency, and convenience continues to grow.
Supply chain cyber risk is complicated and spans the entire lifecycle of a product – design, manufacturing, distribution, deployment, maintenance, and disposal. The more protracted and complex the life cycle, the more opportunities to exploit the weakest links in the supply chain. And because supply chains are often global and span multiple tiers of suppliers, the responsibility of security cannot rest with a single organization. When creating business continuity plans, executives need to look beyond their own company to also consider the security measures their immediate suppliers have in place and how they, in turn, manage and mitigate risk with their extended network of suppliers.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics