IT Security: 3 Lessons From The Kaseya Ransomware Attack

Well, here we go again, another massive cybersecurity breach. Even bigger than the Colonial Pipeline incident, the recent Kaseya ransomware attack affected up to 1,500 businesses whose partners use Kaseya’s tools to manage IT infrastructures. The hackers found a flaw, exploited it, and then pushed their ransomware to servers connected to the internet.
This Kaseya incident is just one of many battles in the ongoing war against ransomware attacks. This attack on Kaseya aimed at the entire software supply chain, an approach that can have devastating — and oftentimes unpredictable — consequences.
The answer to how to prevent and cope with these types of attacks isn’t simple. Researchers and policy makers have their work cut out for them as they look tirelessly for solutions. In the meantime, though, it’s up to businesses to stay proactive and diligent about IT security. Here are three lessons in IT security that we can take away from this Kaseya ransomware attack.
Business Continuity and Disaster Recovery (BCDR) plans help minimize business interruptions in the event of a cyber-attack or network outage. The goal is to minimize downtime and reduce data loss. The idea is to create a plan for handling server and network restoration and backup recovery.
So, how do you go about creating and enacting a BCDR plan? There are a few basic components:
Cybersecurity solution provider Kaspersky tracked the ransomware issues that Kaseya encountered and documented the information they uncovered. To mitigate ransomware attacks, they recommend some defensive moves:
A zero trust security model is also called “perimeterless security”. It’s a framework that requires every user, whether inside or outside your network, to be authenticated, authorized, and continuously validated for security configuration and posture before being granted access to the data or applications they are trying to reach.
What makes zero trust different from traditional network security is that, instead of assuming everything is secure after a one-time validation, zero trust requires continuous monitoring and validation that the user and their device still have the privileges to access the information. These types of initiatives can be put into action using multi-factor authentication, identity and access management (IAM), endpoint security, and other solutions that verify identity and maintain continuous security.
To take zero trust further, you can extend that security with deeper initiatives for data encryption, secure email and password protection, and web gateways that only approve secure website access – and that’s just scratching the surface. True zero trust security offers an even larger variety of preventative measures you can bring in, all of which work together in multiple layers to secure your network and its data. It’s all about what works for you and your organization.
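To make the “continuous validation” idea concrete, here is an added example (not code from the article or from Kaseya or Kaspersky) of a minimal per-request policy decision point in Python. Every request is re-evaluated against identity, MFA status, device posture and session age, and being on the corporate network buys nothing; the resource catalogue, the 15-minute re-validation window, the `it-admin` role and the device posture checks are all assumptions constructed for illustration.

```python
"""Per-request zero trust access decision (added example, not from the article).

Each call to decide() re-checks the caller's identity, MFA status, device
posture and session freshness. Nothing is cached from an earlier 'allow', so a
device that falls out of compliance mid-session is denied on its next request.
All policy values below are assumptions constructed for this example.
"""
from dataclasses import dataclass
from typing import Optional, Set, Tuple
import time

# Assumed policy: force re-authentication after 15 minutes, whatever the network.
MAX_SESSION_AGE_S = 15 * 60

# Constructed sample resource catalogue with a sensitivity level per resource.
# Level 2 stands for tooling that can push changes to endpoints (the kind of
# system a supply-chain attack abuses), so it gets the strictest checks.
RESOURCE_SENSITIVITY = {
    "public-docs": 0,
    "ticketing": 1,
    "patch-management": 2,
}


@dataclass
class Device:
    managed: bool            # enrolled in endpoint management
    disk_encrypted: bool
    agent_up_to_date: bool   # endpoint security agent current


@dataclass
class Session:
    user: str
    roles: Set[str]
    mfa_verified: bool
    device: Device
    issued_at: float         # epoch seconds when the session was created
    network: str             # "corp" or "internet"; recorded, never trusted


def device_posture_ok(device: Device) -> bool:
    """All three posture signals must hold; any one failing fails the device."""
    return device.managed and device.disk_encrypted and device.agent_up_to_date


def decide(session: Session, resource: str,
           now: Optional[float] = None) -> Tuple[bool, str]:
    """Return (allowed, reason). Evaluated fresh on every request."""
    now = time.time() if now is None else now
    level = RESOURCE_SENSITIVITY.get(resource)
    if level is None:
        return False, "unknown resource"
    # Note what is deliberately absent: no `if session.network == "corp"` shortcut.
    if now - session.issued_at > MAX_SESSION_AGE_S:
        return False, "session stale; re-authenticate"
    if level >= 1 and not session.mfa_verified:
        return False, "mfa required"
    if level >= 2 and not device_posture_ok(session.device):
        return False, "device posture failed"
    if level >= 2 and "it-admin" not in session.roles:
        return False, "role not authorized"
    return True, "allow"


if __name__ == "__main__":
    # Constructed sample: an admin on a healthy, managed laptop.
    dev = Device(managed=True, disk_encrypted=True, agent_up_to_date=True)
    s = Session("alice", {"it-admin"}, True, dev, issued_at=1000.0, network="corp")
    print(decide(s, "patch-management", now=1060.0))   # allowed
    dev.agent_up_to_date = False                        # posture drifts mid-session
    print(decide(s, "patch-management", now=1120.0))   # now denied
```

The point of the example is the shape of the check rather than the specific rules: the decision is made per request from live signals, and the same session that was allowed a minute ago is refused as soon as the device posture or session age no longer satisfies policy.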