Pay or else

Ransomware attacks raise the stakes for CU security.

The hostile-attack headache keeps getting worse.

The successful ransomware attack on Kaseya, which reportedly has credit union clients, over the July 4 holiday raises new concerns, says Heath Stanley, director of virtual advisory services at Vala Secure, Plano, Texas.

“It was an attack on a vendor linked to payment systems,” he says, “and that’s a scarier vulnerability” than an attack on a credit union, which is just an attack on an end point. “The tech community is still trying to figure out how to deal with supply-chain breaches” that occur when business suppliers are hit.

The bad guys are getting more sophisticated, picking more lucrative targets and investing in deeper reconnaissance, reports security consultant Jim Benlein, owner of KGS Consulting, Silverdale, Washington. The Kaseya attack is evidence of that strategy, he notes.

 

continue reading »