When Software Updates Get Hacked
Darned if you do, darned if you don't: Software fixes have become extensively automated, which works when software supply chains are secure. Yet with attackers focused on compromising those pipelines, is automated patching such a good idea?
Robert Lemos
PDF
On July 2, an attack that used a series of yet-to-be-patched vulnerabilities in Kaseya's Virtual System Administrator (VSA) server software quickly compromised about 100 business clients of managed service provider (MSP) JustTech, encrypting systems in the victims' environments.
The havoc took about two hours to wreak but nearly two weeks to undo. Late last week, La Plata, Maryland-based JustTech — one of dozens of Kaseya-using MSPs hit by the attack — put the final touches on cleaning up the damage from the event and making whole the businesses and government offices impacted by the attack. While JustTech's prior focus on backup and restoration procedures helped its clients recover, the question the company is now pondering is how to stop the next major attack from using another supplier to affect its customers, says Joshua Justice, founder and president of the managed service provider.