As many as 1,500 businesses around the world have been infected by highly destructive malware that first struck software maker Kaseya. In one of the worst ransom attacks ever, the malware, in turn, used that access to fell Kaseya's customers.
The attack struck on Friday afternoon in the lead-up to the three-day Independence Day holiday weekend in the US. Hackers affiliated with REvil, one of ransomware's most cutthroat gangs, exploited a zero-day vulnerability in the Kaseya VSA remote management service, which the company says is used by 35,000 customers. The REvil affiliates then used their control of Kaseya's infrastructure to push a malicious software update to customers, who are primarily small-to-midsize businesses.
Also at Reuters
Ransomware Attackers Infecting ~1,500 Businesses Demand $70 Million
(Score: 3, Insightful) by SomeGuy on Wednesday July 07 2021, @11:39AM (17 children)
So what must change for this to get better?
What will actually happen?
I don't know, but I'm imagining that before Missy can even access her work word processing computer she has to provide a blood sample (because biometrics are so fucking perfect) a mile long password of gibberish (that no one but hackers can remember), and verify using text messages over a smart phone (because glorious cell phones and retarded texting are so fucking secure and impenetrable), all while the copy of Windows Eleventy pushes out some new random feature that is full of exploitable bugs, every form field on the company web site is exploitable to injection attacks, and all company data is stored "in the cloud" where the Chinese are already picking over every last juicy bit.
Oh, and backups? What backups? We don't need no stenkin backups!
(Score: 4, Insightful) by WizardFusion on Wednesday July 07 2021, @12:45PM (5 children)
We need to stop using the cloud for everything. Why must every bit of software talk back to the mothership where it can be infected and hacked?
My company put its ticket logging system online, so now when there are internet issues or the provider decides to update in the middle of the day, no one can log tickets or see ticket status. Bloody stupid.
(Score: 4, Insightful) by jimbrooking on Wednesday July 07 2021, @01:05PM
In the cloud, every entity that touches it has to agree for you to get your job done that day.
(Score: 0) by Anonymous Coward on Wednesday July 07 2021, @01:10PM
Because if it's not on or connected to the cloud in some way, that means you might actually have to own and run the software yourself. Software companies love cloud. It means subscriptions and a regular steady income.
(Score: 4, Informative) by Ingar on Wednesday July 07 2021, @01:21PM
TFA states only customers using an on-premise solution were hit.
Love is a three-edged sword: heart, mind, and reality.
(Score: 2) by Tork on Wednesday July 07 2021, @03:20PM (1 child)
Naive question from someone outside of their comfort zone: What's the cloud's role in this? My limited understanding was the issue was file systems accessible by the internet. Is there a pattern of AWS customers being shaken down or something like that?
🏳️🌈 Proud Ally 🏳️🌈
(Score: 0) by Anonymous Coward on Wednesday July 07 2021, @04:25PM
Ransomware has been targeting anyone and everyone with a computer that has any kind of data on it. High value targets are getting attacked all day long, and it's often cheaper to keep quiet than announce that you got robbed.
(Score: 2, Insightful) by Anonymous Coward on Wednesday July 07 2021, @01:10PM (1 child)
If it is largely a handful of entities responsible, I wonder when does it elevate to something like an act of terrorism or act of war? Do something like blow up a country's critical infrastructure and it is very serious. How is this different? Just because it is "on a computer"? There is a lot of blame the victim, maybe that is the big difference. Why isn't there a coherent international approach to dealing with this?
(Score: 4, Interesting) by canopic jug on Wednesday July 07 2021, @01:50PM
If it is largely a handful of entities responsible, [...]
Yes, it is, relatively speaking, a handful of individuals responsible, but the elephant in the room is that they were the ones that knowingly and intentionally deployed Microsoft products in such a way as to be connected to the net. Not all systems are equally exploitable nor are those exploits of equivalent severity. None of that is being addressed at the moment because Microsoft has been a major lobbying firm since the anti-trust trial(s) of the late 1990s, before it transitioned to a cult more recently.
As a result of that lobbying and cult-like infiltration, you have Microsoft staff responsible for "helping" write the anti-Big Tech draft legislation [dailycaller.com] in such a way as to avoid all mention of Microsoft. They were even part of establishing the concept of "Big Tech" itself, especially those acronyms which omit reference to the worst of the miscreants. This blinds politicians to whole categories of options, specifically any of the many approaches that ditch Microsoft products wholly or partially, quickly or in stages.
Scrutiny is needed here in the case where ransomware has become so effortless to deploy and so catastrophically difficult to mitigate once it hits. There are many options to reduce or eliminate Microsoft products from the nation. Say you still had to have the desktops on Windows. If you had the back end running Samba on OpenZFS, and make vigorous use of snapshots, and have the data there and not on the Windows drives, then recovering would be a matter of shutting down, wiping, and doing a quick rollback to the last known good snapshot. However, say you can fully eliminate Windows from the desktops as well as the back end, then you have a world of opportunity to avoid ransomware.
Money is not free speech. Elections should not be auctions.
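The recovery step described in the comment above (roll the file-server dataset back to the last known good snapshot), as an added example that is not part of the original discussion. The dataset name `tank/shares`, the snapshot names, the timestamps and the cutoff are constructed; the script only prints the rollback command for review.

```shell
#!/bin/sh
# Added example: choose the newest ZFS snapshot taken before a suspected
# encryption start time. All names and timestamps are constructed.

# Stand-in for the output of
#   zfs list -H -p -t snapshot -o name,creation -s creation tank/shares
# (tab-separated: snapshot name, creation time in epoch seconds).
sample_snapshots() {
    printf 'tank/shares@auto-2021-07-02_0600\t1625205600\n'
    printf 'tank/shares@auto-2021-07-02_1200\t1625227200\n'
    printf 'tank/shares@auto-2021-07-02_1800\t1625248800\n'
    printf 'tank/shares@auto-2021-07-03_0000\t1625270400\n'
}

# last_good_snapshot DATASET CUTOFF_EPOCH  (snapshot list on stdin)
# Prints the newest snapshot of DATASET created strictly before the cutoff;
# returns non-zero when none qualifies.
last_good_snapshot() {
    awk -F '\t' -v ds="$1" -v cutoff="$2" '
        index($1, ds "@") == 1 && $2 + 0 < cutoff + 0 && $2 + 0 >= best_time {
            best = $1; best_time = $2 + 0
        }
        END { if (best == "") exit 1; print best }
    '
}

# rollback_plan DATASET CUTOFF_EPOCH  (snapshot list on stdin)
# Prints the command instead of running it: "zfs rollback -r" also destroys
# every snapshot newer than the target, so an operator should review it first.
rollback_plan() {
    snap=$(last_good_snapshot "$1" "$2") || {
        echo "no snapshot of $1 predates $2" >&2
        return 1
    }
    printf 'zfs rollback -r %s\n' "$snap"
}

# Constructed cutoff: first ransom note seen 2021-07-02 16:30 UTC.
sample_snapshots | rollback_plan tank/shares 1625243400
```

If no snapshot predates the cutoff, the plan fails instead of picking a snapshot that may already hold encrypted files.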
(Score: 3, Interesting) by c0lo on Wednesday July 07 2021, @01:27PM (4 children)
Lower the complexity of maintaining small businesses' IT infrastructure - to the point in which a secretary is able to do it - and they'll be able to maintain their own. I mean, look, a file server, a print server, some business specific applications, what's so hard? They can even hire/share a local "wandering sysadm", running as a small enterprise her/himself. It used to be that way before the cloudy season began.
With a dispersed prey (as opposed to "herded by a stupid shepherd while grazing the cloud"), a predator needs to carefully consider his cost/benefit/risks side of the equation and the SME will be mostly safe just because they are small.
Will it happen? Nope, because cloud is such a good way for big corporations to keep their market captive, Microsoft Azure included.
https://www.youtube.com/@ProfSteveKeen https://soylentnews.org/~MichaelDavidCrawford
(Score: 2, Interesting) by Anonymous Coward on Wednesday July 07 2021, @02:04PM
Microsoft dumbed down the admin staff in the eyes of management. Up into the 90s the admin staff would type up manuscripts for people. When computers became available, these secretaries easily transitioned their tools. They would type up LaTeX equations, or use troff or whatever was what was used at the time. They are like anyone else in that you show them how to do something and they do it. Then when MS was really flexing its monopolistic muscles, they started pushing this idea that their Office suite was so easy, which is fine. But that quickly morphed into pushing the idea that it would be a fiscal company crippling event if you switched the secretaries off of Word because of the horrible cost to retrain them to use something else, completely ignoring the fact that every major Office (and Windows) release completely changed the UI. This idea stuck somehow that secretaries, who previously could run proper typesetting software and word processors, somehow would be SO burdened by switching to OpenOffice or some other software that even entertaining the mere idea of changing software was flirting with corporate bankruptcy.
(Score: 2) by DannyB on Wednesday July 07 2021, @04:50PM (2 children)
But BIG business is where Microsoft shines. For better or worse Microsoft has built their enterprise software to be deliciously addictive to large scale PC fleets.
If you manage, say, ten thousand PCs, you can't just send Joe around to install a new software update. With Microsoft (hate it or not) you simply change the group policy of the user and/or machine. Is this PC an "R&D machine", then it gets a certain standard set of preloaded software. Is it a "secretary machine", then it gets a standard set of preloaded software. Got a new corporate application to install for the entire accounting department, just add it to the group policy for that role and it gets automatically installed. Updates are automatic. Reboots done outside business hours.
This is pretty easy to sell to someone who has to manage gigantic fleets of PCs. In fact it's impossible to turn down.
That is the crux of the problem.
With all of that Microsoft infrastructure developed, it becomes possible to then sell this to small business too. Get them locked in to Microsoft. They may get the "professional" edition instead of the "enterprise" edition. Just so that Microsoft can segment their market into different pricing tiers tears.
The server will be down for replacement of vacuum tubes, belts, worn parts and lubrication of gears and bearings.
(Score: 1, Interesting) by Anonymous Coward on Wednesday July 07 2021, @07:40PM (1 child)
i agree. Linux distros (bsds?) need to make IT management for SMBs and enterprises a priority. This is something distros should be able to concentrate on if they weren't so busy building software with different package managers, etc and now dealing with half-assed not-so-universal package management solutions b/c of their crapulence in addressing the underlying issue.
so we go years without much improvement to the distros in things that matter to businesses/institutions like running old proprietary MS software *transparently* and super easy management of config and updates. home users choose their os by what's at work/school, etc.
Super Nerds can't seem to cooperate and compromise on a single package manager (or a layer above that each package manager could support!) (for everything, not just desktop apps) so automation can be built for the whole ecosystem so distros could move on to things that matter to the end user. yes, i want a package manager that doesn't suck, but we have several good ones already. dnf, pacman, apt come to mind. It would be nice if they would cooperate on the management, update and WINEsque stuff too.
(Score: 0) by Anonymous Coward on Thursday July 08 2021, @12:05AM
I like my package manager: portage. One layer above that is source code ... so we're all done here right?
(Score: 1, Interesting) by Anonymous Coward on Wednesday July 07 2021, @03:35PM (3 children)
Policing. Other major crimes have sufficient policing to provide some level of deterrence. Not so much deterrence that those crimes never happen, but at least enough deterrence to prevent organized and skilled groups of criminals. There are some exceptions, of course.
(Score: 2) by looorg on Wednesday July 07 2021, @04:08PM (1 child)
While policing is nice, and needed, what is really needed would be large scale successful prosecution. Where they would take all their money, property and resources and send them to some horrible gulag prison for an eon or two. Do that a few times and the risk remains high then this might become a bit less of an issue, or an attractive option as a criminal career. It might at least remove the low hanging fruits.
That said it's probably easier said than done since it's international or transnational organized crime and their local authorities (whatever they might be, Russians or whatever) don't appear to be overly concerned about it cause it's not harming them.
I guess it's too much to hope for that they'll eventually try to ransomware the wrong people and end up horribly maimed or dead.
(Score: 0) by Anonymous Coward on Thursday July 08 2021, @08:41AM
large scale successful prosecution
I believe the approved procedure is "Nuke from high orbit, it's the only way to be sure".
Preferably after explaining to Putin how this could go badly for him.
(Score: 1, Insightful) by Anonymous Coward on Wednesday July 07 2021, @07:43PM
oh stfu, you pig-loving coward. Suited Whores deserve what they get. Pieces of shit want to "benefit" from the digital slave trade when they think they are masters, but now whine when they find out they are also the slave? fuck them and all you willfully ignorant, lazy, windows-using slaves.
(Score: 5, Interesting) by looorg on Wednesday July 07 2021, @02:03PM (5 children)
This is more or less all that is wrong with modern IT systems. Whoever came up with the idea that the system that your entire company depends on to do business should be "in the cloud" and managed by the lowest bidder remotely from the other side of the world is just mindbogglingly stupid.
I'm sure they saved a penny or two up until the point of failure but when this happens they are just bleeding rapidly and naturally it's the fault of someone else and nobody takes responsibility for anything.
COOP, one of the local/regional grocery store chains, have had more or less all their stores closed now for four days. They sort of opened up yesterday or so if you used their app to pay for things but if you didn't have it or want it you couldn't do business with them. They couldn't process any transactions or accept cash as payment either. It was APP or fuck off. The "funny" thing is they are supposed to be a cooperative (or they started out that way) and now depend on checkout point processing from a company on the other side of the globe. It's beyond retarded.
(Score: 3, Interesting) by Freeman on Wednesday July 07 2021, @03:02PM
Makes me wonder, if part of the reason why they ditched the JEDI contract was partly due to being less enamored with Off-Site Cloud solutions.
Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
(Score: 0) by Anonymous Coward on Wednesday July 07 2021, @05:06PM (3 children)
I hear this sentiment a lot, and I strongly disagree. Imagine you are in the supermarket business. You are going to need information technology: point-of-sale systems, inventory, payroll, accounting, etc. But you are not an expert in any of this. "If you want something done right, do it yourself" does not apply. You are going to need to hire some experts. The only question is on what terms you hire your experts. Do you hire full time employees? Hire consultants? Hire off shore contractors? Subscribe to a service?
Subscribing to a service offers some significant advantages. Chief among them is that someone else has already gone through the long iterative process of getting to organizational competence. In house employees are not magically guaranteed to be loyal or competent.
The problem is not outsourcing. The problem is outsourcing to the lowest bidder.
(Score: 2) by looorg on Wednesday July 07 2021, @05:16PM (1 child)
But this, COOP in this case, is not some little mom-n-pop single store grocer. They are a nationwide chain with hundreds of stores, they are the second largest chain in the country (plus they have business in the neighboring countries too .no .dk .fi etc) with about a 25% marketshare. They have a national IT department and all that jazz. They have their own in-house analytics department. This is stupid greed showing its ugly head and biting them hard now.
(Score: 0) by Anonymous Coward on Thursday July 08 2021, @03:49AM
*sigh* Even Sweden has fallen into capitalist quicksand. My father is truly dead
(Score: 2) by Dr Spin on Thursday July 08 2021, @08:44AM
The problem is not outsourcing. The problem is outsourcing to the lowest bidder.
No, the problem is PHBs
Warning: Opening your mouth may invalidate your brain!
(Score: 4, Insightful) by Gaaark on Wednesday July 07 2021, @08:43PM
Keep it up. The more this happens, the more it costs (how's that TCO now?), the more people will get mad and scream, the more they might just get fed up enough to drop MS shit.
Get MAD, people! WTF? What will it take? How much rape can you take? How many black eyes? How much money has to be taken out your pocket?
Damn, peoples is dumb.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. I have always been here. ---Gaaark 2.0 --