ISMG Editors’ Panel: Analysis of Kaseya Attack

ByPR 24

Business Continuity Management / Disaster Recovery
,
Fraud Management & Cybercrime
,
Governance & Risk Management

Sizing Up the Impact of the Ransomware Attack and How to Mitigate Risks

Anna Delaney (annamadeline) •
July 9, 2021    




Clockwise, from top left: Suparna Goswami, Anna Delaney, Mathew Schwartz and Tom Field


In the latest weekly update, a panel of Information Security Media Group editors discusses the repercussions of the Kaseya ransomware incident, the immediate response of the cybersecurity community and key risk management takeaways.

See Also: Live Panel | Zero Trusts Given- Harnessing the Value of the Strategy



The editors – Suparna Goswami, associate editor, ISMG Asia; Anna Delaney, director, productions; Mathew Schwartz, executive editor, Data Breach Today and Europe; and Tom Field, senior vice president, editorial – discuss:



  • Comments from Tom Kellermann of VMware Carbon Black on the timing and scale of the Kaseya attack;


  • How the Kaseya attack compares to other cyberattacks attributed to the REvil ransomware group, as well as key risk mitigation takeaways;



  • Insights from LafargeHolcim’s Manish Dave on building a “zero trust” framework to help mitigate cyberattack risks.



The ISMG Editors’ Panel runs on Fridays. Don’t miss our previous installments, including the July 2 and June 25 editions, which respectively discuss the FBI’s assessment of cybersecurity trends and open-source software security.

Similar Posts

Innovative REvil Ransomware Operation Is Back

Innovative REvil Ransomware Operation Is Back

ByPR 24

Critical Infrastructure Security , Cybercrime , Cyberwarfare / Nation-State Attacks Group Specializing in Big Game Hunting Has Amassed Millions in Ransom Payments Mathew J. Schwartz (euroinfosec) • September 13, 2021     REvil ransom note seen by victims of the ransomware attack involving Kaseya’s software (Source: Cisco Talos) Has the notorious REvil ransomware group resumed…

Russian Government Not Behind Colonial Pipeline Attack

Russian Government Not Behind Colonial Pipeline Attack

ByPR 24

Fraud Management & Cybercrime , Fraud Risk Management , Malware as-a-Service But President Says Attackers Reside in Russia Doug Olenick (DougOlenick) • May 13, 2021     President Joe Biden comments on the Colonial Pipeline attack Thursday. President Joe Biden says the Russian government was not behind the ransomware attack that struck Colonial Pipeline Co….

Attackers Target Unpatched SAP Applications

Attackers Target Unpatched SAP Applications

ByPR 24

Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Exploits Could Lead to System Hijacking, Data Theft, Ransomware Attacks Akshaya Asokan (asokan_akshaya) • April 7, 2021     Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks,…

Attacks Surge After Code Published

Attacks Surge After Code Published

ByPR 24

Application Security , Cybercrime , Cybercrime as-a-service Strikes Increase After ProxyLogon Proof-of-Concept Attack Code Released Akshaya Asokan (asokan_akshaya) • March 20, 2021     There has been a spike in web shells being detected, as ransomware gangs and other attackers increasingly target vulnerable Microsoft Exchange Servers following publication of proof-of-concept attack code for ProxyLogon, which…

CVE-2021-29106 – Alert Detail – Security Database

CVE-2021-29106 – Alert Detail – Security Database

ByPR 24

Executive Summary This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this. Informations Name CVE-2021-29106 First vendor Publication 2021-07-10 Vendor Cve Last vendor Modification 2021-07-12 Security-Database Scoring CVSS v3 Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Overall CVSS Score 6.1 Base Score 6.1 Environmental Score 6.1 impact SubScore 2.7…