Kaseya Ransomware: a Software Supply Chain Attack or Not?

Graphic of a chain link made of fragile thread.

Following the 4th of July weekend, our industry finds itself digesting the details of yet another large-scale and high-profile ransomware attack. This time its the exploitation of Kaseya’s network monitoring and remote management software. First surfacing on Friday afternoon July 2nd, 2021, this story quickly spread over the weekend in mainstream media and hacker news sites.

With most Americans now returning from their holiday, we’re beginning to gain more perspective on what actually transpired. We’re also seeing an interesting, and admittedly nuanced, debate emerge on whether the Kaseya attack actually qualifies as a “software supply chain” attack.

NOTE: Kaseya’s customer base includes individual companies, as well as a large number of Managed Service Providers (MSPs). These MSPs in turn provide IT outsourcing services to hundreds, and possibly thousands, of downstream business customers that are typically small and medium size organizations with limited or non-existent IT departments (think doctors, dentists, accountants, lawyers, etc.).

Article Link: Kaseya Ransomware: a Software Supply Chain Attack or Not?