The Kaseya cyberattack, Microsoft PrintNightmare, and ransomware stories are all over the news in July 2021. Panic is in the air. President Biden and Russian leader, Vladimir Putin are talking about it. Cory Hepola with WCCO Radio called the situation bleak.
But it doesn’t need to be bleak. It’s true, we are up against a tough enemy. But we overcome challenges every day before lunch. And we can overcome our cybersecurity challenges when we finally decide we’re tired of cowering.
Situations like the Kaseya cyberattack and PrintNightmare vulnerability happen all the time. Most don’t make the news. But we’ve seen this before and we have the means to win without spending a fortune. Here is a presentation with tips. And radio interviews below.
Here is a Microsoft Security Response Center (MSRC) article on the PrintNightmare vulnerability.
Let’s stop wringing our hands and let’s start kicking cyber bad guy butts.
- Friday, July 9, 2021, WCCO AM 830 with Cory Hepola
- Sunday, July 11, 2021, AM1280 The Patriot with Brad Carlson
- Monday, July 12, 2021, WMST Radio with Dan Manley
If you’re a business owner and you decided to outsource your IT backend systems because putting everything in the cloud makes all your IT problems go away, you might want to pay attention to the Kaseya cyberattack story. This Krebs on Security article goes deeper than most of the press articles.
Kaseya operates a software package named VSA that monitors and manages remote servers. With Kaseya’s VSA software, somebody in, say, Minnesota can monitor and manage their servers around the world. This is handy for businesses with servers at multiple sites, especially Managed Service Providers (MSPs). MSPs are Kaseya’s most important customers.
MSPs operate backend IT systems for business customers. Maybe a grocery store needs somebody to manage its point of sale (POS) systems. Or maybe an HR department needs to track compliance issues. Or maybe a business wants somebody to manage its payroll, because payroll rules are complex and change all the time. MSPs operate these applications and sell access to them over the internet.
Businesses pay MSPs because MSPs specialize in operating application servers so businesses can focus on what they do without worrying about technology. That’s why the Kaseya cyberattack story is important. Because even though most business owners have never heard of Kaseya, thousands of businesses are Kaseya’s customers’ customers.
And then a Russian ransomware gang exploited Kaseya VSA bugs to drop malicious software inside several MSPs, which scrambled business information around the world. As of early July, 2021, the attackers want $70 million for a universal decryption key. Or individual victims can pay their own ransoms to get back on their feet.
If you’re a customer of a victim MSP, and your MSP took cybersecurity shortcuts, you might be in a world of hurt. If so, learn from your mistakes, recover, share your lessons, and move forward.
Fight Back – Care and Share to be Prepared
Burn this six-word rhyme into your brain. It summarizes everything the public needs to know about cybersecurity.
Victim MSPs and their customers who were prepared won’t need to pay any ransom. They can execute well-tested disaster recovery plans and send a middle finger salute to their attackers.
Care and share to be prepared.
WCCO AM 830 with Cory Hepola, Friday, July 9, 2021; PrintNightmare, WWIII, and the Kaseya Cyberattack
On Friday, July 9, 2021, Cory Hepola and I talked about whether we will fight WWIII over the internet. The scenario in Virus Bomb could easily happen in the real world, and could easily trigger a world war.
Cory, our real-world situation is not bleak, but we need to stop believing the CIA, FBI, NSA, or other government agency will make everything all better.
Or listen to the recording on the WCCO Radio website.
Previous WCCO Radio appearance
Kaseya Cyberattack on AM1280 The Patriot with Brad Carlson, Sunday, July 11, 2021
We talked about the Kaseya cyberattack and ransomware. Dan from Hopkins called in – again – and we finished with election conspiracy theories. Brad enjoyed some virtual popcorn while Dan and I went toe to toe.
Facebook Live video stream
Here is the audio from the AM1280 The Patriot website. My part starts after the 1:30:00 mark.
Previous AM1280 The Patriot radio appearance
WMST Radio, Mount Sterling, Kentucky; Mornings on Main with Dan Manley, Monday, July 12, 2021
We talked mostly about cybersecurity in general and touched on the Kaseya cyberattack.