As Australia counts cost of Kaseya attack, should industry be doing more?

Supply-chain commonalities mean industry verticals should formalise their security collaboration, such as by adopting the US’s ISAC model.

Jigsaw puzzle pieces coming together.
Metamorworks / Getty Images

As Australia’s business community continues to assess the damage from the major Kaseya ransomware attack, some in the security community are pushing for stronger industry collaboration that would speed response to such attacks with stronger threat intelligence and tailor-made incident-response advice.

The attack—apparently instigated by Russia’s REvil gang and exploiting the company’s cloud-based VSA remote monitoring and management software tool—emerged over the US Fourth of July holiday weekend, rapidly planting ransomware into the company’s software supply chain worldwide.

By implanting ransomware in more than 30 of Kaseya’s managed service provider (MSP) customers, the malicious code propagated down its supply chain to their customers — ultimately affecting more than 1,000 companies in 17 countries.

A worrying shift in attack profile

The attack was a worrying escalation in ransomware tactics because it coupled supply-chain techniques with the “incentives and devastating impacts of ransomware,” said Casey Ellis, founder of Australian cybersecurity provider Bugcrowd and a 20-year security-industry veteran.

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022