I have just visited the Kaseya Web site. “We Are Kaseya,” it burbles cheerfully. “Providing you with best-in-breed technologies that allow you to efficiently manage, secure and back up IT under a single pane of glass.
“Technology,” it continues, “is the backbone of all modern business. Small to mid-size businesses deserve powerful security and IT management tools that are efficient, cost-effective, and secure. Enter Kaseya. We exist to help multi-function IT professionals get the most out of their IT tool stack.”
Translation: Kaseya produces remote management software for the IT industry. It develops and sells this software to remotely manage and monitor computers running Windows, OS X and Linux operating systems.
As many organizations will grimly confirm, managing your own IT systems is a pain in the arse. So Kaseya has lots of happy customers in the US, the UK and elsewhere.
Or, rather, it did have. On July 2 it was the victim of a ransomware attack that affected between 800 and 1,500 of its small-business customers, potentially making it the largest ransomware attack ever.
Such attacks are a form of kidnapping: intruders gain control of an organization’s systems, encrypt its data and demand payment (in cryptocurrency) in return for a key to decrypt the hostage data.
In an impressive YouTube video posted on July 6, Kaseya chief executive Fred Voccola said that the company had shut down the compromised program within an hour of noticing the attack, potentially stopping the hackers from hitting more customers.
By industry standards, that was an agile and intelligent response. Other victims — such as the US pipeline operator Colonial and the Irish hospitals that were struck recently — have been much more traumatized.
So what is going on? Basically, what has happened is that, in a relatively short time, ransomware has become the new normal for organizations that are dependent on IT — which is basically every organization in the industrialized world. That it happened to Kaseya, as Voccola put it, “just means it’s the way the world we live in is today.”
It is. So how did we get here? Three major factors were involved. The first was the invention and development of cryptocurrencies. Kidnapping in the old days was a risky business: the family might pay the ransom, but bundles of £20 notes were relatively easy to trace.
Cryptocurrencies, on the other hand, are designed to be near-impossible to trace, so there is no paper trail for police to follow.
“Ransomware is a bitcoin problem,” University of California, Berkeley, researcher Nicholas Weaver says, and doing something about it “will also require disrupting the one payment channel capable of moving millions at a time outside of money laundering laws: bitcoin and other cryptocurrencies.”
The second factor is that ransomware has changed from being an exploit for lone cybercriminals into an industrialized business. We saw this earlier with distributed denial-of-service (DDoS) attacks: Once upon a time if you wanted to bring down a server you first had to assemble a small virtual army of compromised PCs to do your bidding; now you can rent such a “bot army” by the hour.
Much the same applies for ransomware: There are a number of criminal gangs, such as REvil, that operate like companies providing what is essentially ransomware as a service (RaaS). Criminals select a target and use REvil’s services in return for giving it a slice of the proceeds.
Ross Anderson, professor of computer security at Cambridge University, regards this is “a gamechanger for the cybersecurity business,” and he is right.
The third factor is geopolitics. We live in a world that was created by the Peace of Westphalia, which in 1648 brought to an end the Thirty Years’ War and established the system of sovereign states, which essentially ensures that rulers can do what they like within their own jurisdictions.
The RaaS “firm” REvil operates in Russia, a jurisdiction ruled by an autocratic kleptocracy which has — as a state — brilliantly exploited digital technology for propaganda, disruption of democratic processes at home and abroad, and for cyberespionage on a grand scale.
The other day, for example, the US National Security Agency revealed that Russian security agencies had since 2019 been using a supercomputer cluster for “brute force” password-guessing on millions of Western online services. Since these machines can perform millions of guesses every second, the chances of any normal password remaining safe are pretty poor.
So are the chances of US, EU or UK law-enforcement agencies getting to arrest and extradite the beneficiaries of ransomware attacks on Western organizations — as US President Joe Biden doubtless discovered when he met Russian President Vladimir Putin in Geneva, Switzerland, the other week.
So the only thing the REvil crowd have to worry about for the time being is making sure they pay up when Putin’s goons come looking for his share of the cryptoloot.
Weeks into the craze, nobody quite knows what to make of the OpenClaw mania sweeping China, marked by viral photos of retirees lining up for installation events and users gathering in red claw hats. The queues and cosplay inspired by the “raising a lobster” trend make for irresistible China clickbait. However, the West is fixating on the least important part of the story. As a consumer craze, OpenClaw — the AI agent designed to do tasks on a user’s behalf — would likely burn out. Without some developer background, it is too glitchy and technically awkward for true mainstream adoption,
On Monday, the day before Chinese Nationalist Party (KMT) Chairwoman Cheng Li-wun (鄭麗文) departed on her visit to China, the party released a promotional video titled “Only with peace can we ‘lie flat’” to highlight its desire to have peace across the Taiwan Strait. However, its use of the expression “lie flat” (tang ping, 躺平) drew sarcastic comments, with critics saying it sounded as if the party was “bowing down” to the Chinese Communist Party (CCP). Amid the controversy over the opposition parties blocking proposed defense budgets, Cheng departed for China after receiving an invitation from the CCP, with a meeting with
Chinese Nationalist Party (KMT) Chairwoman Cheng Li-wun (鄭麗文) is leading a delegation to China through Sunday. She is expected to meet with Chinese President Xi Jinping (習近平) in Beijing tomorrow. That date coincides with the anniversary of the signing of the Taiwan Relations Act (TRA), which marked a cornerstone of Taiwan-US relations. Staging their meeting on this date makes it clear that the Chinese Communist Party (CCP) intends to challenge the US and demonstrate its “authority” over Taiwan. Since the US severed official diplomatic relations with Taiwan in 1979, it has relied on the TRA as a legal basis for all
A delegation of Chinese Nationalist Party (KMT) officials led by Chairwoman Cheng Li-wun (鄭麗文) is to travel to China tomorrow for a six-day visit to Jiangsu, Shanghai and Beijing, which might end with a meeting between Cheng and Chinese President Xi Jinping (習近平). The trip was announced by Xinhua news agency on Monday last week, which cited China’s Taiwan Affairs Office (TAO) Director Song Tao (宋濤) as saying that Cheng has repeatedly expressed willingness to visit China, and that the Chinese Communist Party (CCP) Central Committee and Xi have extended an invitation. Although some people have been speculating about a potential Xi-Cheng
RSS