bbc US companies hit by 'colossal' cyber-attack

[ENTERPRISE]

Quote

About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.

Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

Kaseya said in a statement on its own website that it was investigating a "potential attack".

Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.

 

Source

Edited July 6, 2021 by UltraMega
Typo/missing letter

[Diffident]

From the article:

 

Quote

Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking.

So apparently other than those "16 critical infrastructure sectors" everything else is fair game.   I guess this wasn't part of those 16, so it's ok.

[UltraMega]

Yet another wake up call for US businesses when it comes to cyber security.

[J7SC_Orion]

...sad part is that much of the ransom_ware is based on US NSA code that was stolen and sold on the dark web

[UltraMega]

1 hour ago, J7SC_Orion said:

...sad part is that much of the ransom_ware is based on US NSA code that was stolen and sold on the dark web

Stuxnet! 

 

There is a really good documentary on this called zero days. 

[Diffident]

3 hours ago, UltraMega said:

Yet another wake up call for US businesses when it comes to cyber security.

I don't think you can stop it, and still be connected to the internet.

 

The payload is delivered through an automatic update from Kaseya systems, from there it exploits vulnerabilities in Windows, installs a different version of Windows Defender and then the encryption fun begins.

[UltraMega]

30 minutes ago, Diffident said:

I don't think you can stop it, and still be connected to the internet.

 

The payload is delivered through an automatic update from Kaseya systems, from there it exploits vulnerabilities in Windows, installs a different version of Windows Defender and then the encryption fun begins.

what about not using Kaseya? 

[Diffident]

4 minutes ago, UltraMega said:

what about not using Kaseya? 

That isn't the sole problem, none of the other cyberattacks that have happened recently had anything to do Kaseya.  It's impossible for any meaningful piece of software to be bug free. 

 

The biggest culprit is Windows.  All of these attacks target vulnerabilities in Windows.

[UltraMega]

7 minutes ago, Diffident said:

That isn't the sole problem, none of the other cyberattacks that have happened recently had anything to do Kaseya.  It's impossible for any meaningful piece of software to be bug free. 

 

The biggest culprit is Windows.  All of these attacks target vulnerabilities in Windows.

Well windows is the biggest target. It wouldn't make sense for them to target anything else to the same degree with their goals, right?

Edited July 6, 2021 by UltraMega

[Diffident]

9 minutes ago, UltraMega said:

Well windows is the biggest target. It wouldn't make sense for them to target anything else to the same degree with their goals, right?

I don't think it's the size of the target, but the ease of penetration.  Wouldn't Amazon's Linux servers be a big target?  Imagine shutting down Amazon's worldwide network.

 

But as I said before nothing is bug free, but security measures can be used to limit what can be accomplished if there is a breach.  Windows is a little more lax in the security department in order to be more user friendly and less intrusive. 

[UltraMega]

18 minutes ago, Diffident said:

I don't think it's the size of the target, but the ease of penetration.  Wouldn't Amazon's Linux servers be a big target?  Imagine shutting down Amazon's worldwide network.

 

But as I said before nothing is bug free, but security measures can be used to limit what can be accomplished if there is a breach.  Windows is a little more lax in the security department in order to be more user friendly and less intrusive. 

I think the biggest target will always have the most vulnerabilities generally speaking, something that has been said by security experts. 

But I think it's true that a lot of servers running linux do get breached these days as well. Perhaps Amazon servers get hacked all the time and they just have a good back up system. When it comes to ransomware specifically, a good back up system reduces the threat down to just an annoyance.