The cyber industry needs to take a good, hard look in the mirror to face our collective failure to predict, plan for and defend against the type of paradigm-shifting ransomware attack carried out by REvil.
The attack targeted software maker Kaseya — a company that develops software used to manage business networks and devices. Kaseya sells that software to managed service providers (MSPs), who, in turn, contract with companies to outsource the management of their IT systems. Once Kaseya’s software was infected, it was passed down through its supply chain, starting with MSPs and then moving to the customers of those MSPs, including the company that operates the cash registers for a Swedish grocery chain called Coop.