Kaseya: Before and After
The best time to contact a cybersecurity professional
Free Content on Jobs in Cybersecurity | Sign up for the Email List
One of my stories on Data Breaches.
A news organization that wanted to know if any of our clients were affected by the Kaseya breach contacted me recently. I had to explain that although I have helped a few companies determine the cause of a security incident in the past and that is how I got into security, 2nd Sight Lab focuses on defending against data breaches and attacks rather than incident response. We most often perform preventative security services.
I am certified in malware analysis and reverse engineering. Those skills help me analyze malware analysis reports and devise prevention strategies. But as I’ve written about before, organizational risk mitigation can abstract out the details to a higher level to develop a comprehensive strategy aimed at lowering cyber risk. Security product vendors have a different focus and need for detailed malware analysis to improve the efficacy of their products if they focus on blocking specific malware variants.
I do analyze the fallout of breaches and report on it in my weekly cybersecurity news feed based on scouring many different sources. We perform research of past breaches to develop strategies that help companies mitigate risks that decrease the chance of a future compromise. We can learn from past attacks and attack statistics to focus on strategies that prevent the most attacks with the least amount of overhead. Although it is impossible to stop every breach, the information we have about recent breaches indicates that organizations can improve.
As far as Kaseya is concerned, it looks like as many as 1000–1500 companies may have been affected at this point, and that the damage in each case was limited to the infected server. I’m researching some additional information as to why that may have been the case at this time which I’ll report here on Saturday or Sunday.
You have two choices concerning when to contact cybersecurity experts. One would be to contact one before a breach to get help improving your organization’s cybersecurity posture. You can also contact one after a breach to get help after a security incident. I explain the different types of security services and careers in my book on Cybersecurity for Executives in the Age of Cloud.
2nd Sight Lab is a company that you want to employ before you have a breach. We perform penetration tests and security assessments to help find security problems before attackers do so companies can reduce the chance of a successful attack on their systems. We also offer cloud security training to help your staff make better cybersecurity decisions. Although companies have contacted us after a breach, it is generally to help improve system security and evaluate security processes and controls to prevent the next one.
None of our customers informed us that they were impacted by the Kaseya malware. I am not aware that any of them were affected. However, we aren’t a company you would call to determine what to do about malware in your network. Other members of the IANS Faculty specialize in those services if you need help once an attacker has breached your systems and is inside your network.
The particular type of system that started the incident affected companies that outsource security to a third-party vendor instead of handling it themselves. They may not be the type of company to contact us. We also currently don’t have many managed service providers (MSPs) that leverage our services, such as those that would use a product like Kaseya. But we would be happy to help them if they contact us with preventative security measures.
Another aspect of the Kaseya breach 2nd Sight Lab could have helped with was a product assessment prior to the breach. We performed a security product evaluation for a different cloud security product. We demonstrated to them how a supply chain attack might be possible and what they might be able to do to fix it. 2nd Sight Lab can try out products and services to make recommendations to improve the security and usability of a product and also provide feedback on how to improve the efficacy of the product, something I wrote about in my book.
I’ve written before about preventative and reactive security in my blog post on defensive cloud security strategies. Consider when you might want to call in a cybersecurity expert. Please contact us before a security incident to evaluate the security of your cloud accounts and applications hosted in them. We can also train your team on cloud security services in AWS, Azure, and GCP and help them develop a security mindset to help prevent future attacks.
In the case of the Kaseya breach, it does appear that the company was in the process of fixing vulnerabilities identified by white hat security professionals prior to the breach. Find a much more in-depth analsyis of the Kaseya breach in 2nd Sight Lab’s cybersecurity news feed for the week including affected parties, how the attack transpired, and possible overlaps with other attacks such as the Republican National Committee reported attack via a third-party vendor. What really happened?
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2021
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab