Kaseya Ransomware Attack: 'This Is a Dramatic Escalation'Tom Kellermann of VMware Carbon Black on the Timing, Impact of REvil Strike
The Kaseya VSA ransomware attack was discussed exhaustively over the Fourth of July holiday weekend. But there's one big question that hasn’t been answered, says Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black: "Who gave REvil the zero-day?"
Calling this attack a dramatic escalation of supply chain assaults, Kellermann suggests there may have been some behind-the-scenes collusion between cybercriminals and nation-state threat actors.
"We can talk about the ransomware till we're blue in the face, but who gave REvil the zero-day?" Kellermann asks. "They're not known for producing zero-days. And the fact that they had the zero-day really shows a bit of cooperation that's unprecedented - once again - between a nefarious rogue regime and the cybercrime cartels."
In a video interview with Information Security Media Group, Kellermann discusses:
- The timing and scale of the Kaseya attack;
- Unanswered questions about how the zero-day exploit was shared the adversaries;
- Why this incident calls for a cyber-proportionate response.
Kellermann, head of cybersecurity strategy at VMware Carbon Black, is the former CEO of Strategic Cyber Ventures. He held a seat on the Commission on Cyber Security for the 44th president of the United States and served as an adviser to the International Cyber Security Protection Alliance. When he served as chief cybersecurity officer for Trend Micro, he was responsible for analysis of emerging cybersecurity threats and relevant defensive technologies.