This sounds familiar

Back in #WeekendWisdom number 41, I talked about supply chain risks. Since then there have been a couple of massive global supply chain hacks that have occurred.

What are these supply chain hacks you speak of?

The first one was late last year. The SolarWinds hack was revealed. SolarWinds makes network monitoring software that are used by large corporates and government agencies.

But for my audience, which will be the more smaller business owner, something happened last week. A company called Kaseya, they provide software for IT managed service providers who obviously look after the IT for their customers which are usually small businesses. This software enables those managed service providers to be able to remotely manage and control their client’s devices.

What happened with the Kaseya hack?

Well Kaseya were hacked and had their client’s devices were ransomed by the REvil ransomware gang. Now REvil claim that they have infected a million devices around the globe and they’re looking for $70 million to free up these devices. The whole story is still playing out, so we don’t know the full details of it yet.

What can you do about this type of risk?

But how would you, as a small business owner, be able to try and protect yourself from such a supply chain hack?

Well you really do need to make sure that any third party that is going to put some kind of service or device or software into your network, into your environment, to carry out a full, thorough due diligence on that supplier and their application.

If you don’t have the capability in-house, there’s plenty of people out there in the market and in the business that will be able to provide you with an independent assessment.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.

The post #WeekendWisdom 086 Supply Chain Hacks appeared first on L2 Cyber Security Solutions Ltd..