The latest in a string of ransomware attacks may be on course to become the "most destructive ... campaign that we've seen so far," writes cybersecurity expert Dmitri Alperovitch. He explained that the Friday strike against software provider Kaseya, whose customers have an untold number of clients themselves, means there could be a "huge number of victims all over the world" and "entire networks encrypted" with "no way to decrypt today without paying millions per network of any significant size" to the perpetrators, who are believed to be affiliated with cyber criminal gang REvil.
Matt Tait, a senior cybersecurity fellow at the Robert S. Strauss Center for International Security and Law at the University of Texas at Austin, said that while the fallout is "relatively small" so far, strategically speaking it may be more significant than previous, attention-grabbing attacks on Colonial Pipeline and Solar Winds.
The hack has reportedly already resulted in the temporary closure of all but five of Sweden's Coop grocery chain's stores. Coop's managed service provider Vissma Escom was hit, which brought down the former company's cash register system and self-service checkouts. Allen Liska of Recorded Future's computer security response team told The Financial Times that the attack highlights an over-reliance on centralized third parties for IT support. "We've essentially handed over too much trust so that if something happens to them, it becomes a catastrophic for your organization through no fault of your own," Liska said. Read more at The Financial Times.