6th e-Crime and Cybersecurity Nordics
27th October 2021 • Online
With hackers picking off targets at will, and nation-state involvement blurry, what next for CISOs and government?
Coop Sweden probably didn’t expect the Kaseya ransomware attack to affect it, since it had no direct dealings with the Florida-based IT company. However, just a couple of days since news of the attack broke, the company had to close more than half of its 800 stores after point-of-sale tills and self-service checkouts stopped working.
The supermarket was not itself targeted by hackers – but MSPs which use Kaseya’s VSA platform to manage IT infrastructure for their own customers were. This allowed the hackers to potentially reach thousands of companies across the globe.
In the case of Coop Sweden the hackers attacked a service provider responsible for billing and point-of-sale systems - one consequence being that retailers could not charge their customers.
The likely source of the attack was the Russia-linked REvil ransomware which deployed a version of the REvil ransomware to some of Kaseya’s customers, disguised as an update to the firm’s VSA software, in a two-stage attack via updates reminiscent of the recent Sunburst/Solarwinds attack. A month previously, the FBI blamed the same group for paralyzing the meat packer JBS.
The sophistication of these ransomware attacks is worrying, particularly since many companies struggle with traditional, unsophisticated ransomware delivered by email.
The continuing global impact of ransomware suggests that things will get worse before they get better. If they get better.
The fact that some level of state tolerance, if not actual support, is clearly involved, is also, finally, beginning to be recognised as a gamechanger. No less a figure than US President Joe Biden responded to the Kaseya attack by directing US intelligence agencies to investigate.
This is an indication that governments are starting to realise that leaving cybersecurity to the private sector may not be enough.
So, what do CISOs need from governments to help them reach at least a stalemate in the guerrilla war against the hackers? What role do the critical providers of core infrastructure, both hardware and software, play in building an alliance against cyber-criminality? And what can CISOs do better to help themselves?
The 6th e-Crime & Cybersecurity Congress Nordics will take place online and will look at how cybersecurity teams are tackling the new normal. Join our real-life case studies and in-depth technical sessions from the security and privacy teams behind some of the world’s most admired brands.