Thanks to recent high-profile attacks, cyber-crime is now on the minds of business and government leaders, like never before. Rob Cheng joined Liz Callaway on the Liz Callaway Show to discuss recent cyber-crime and the focus on “whodunit”.
Cyber-Crime & Its Origin
Like any other crime, the people want to know who did it. Who infected JBS with ransomware, what cyber gang was responsible for the largest ransomware attack to date, or who took down Colonial Pipeline using cyber weaponry?
The reality is, we may think we know, but that’s all it really is. A thought or assumption. During his conversation with Liz Callaway, Rob Cheng, confirms there really isn’t any proof confirming Russia was responsible for the Kaseya attack. Yes, there were Russian characters in the code, but Rob offered a potential explanation. First is ransomware-as-a-service (RaaS). RaaS is when cyber criminals can buy ransomware to distribute themselves, versus actually creating the malware. They then share a percentage of the ransoms paid with the developer who coded the ransomware variant. How does this play into Kaseya? Well, because if the attack was executed through a RaaS, that means the Russian characters were included by the developer, NOT the distributor. Therefore, even though they may have made the ransomware, they may not have been the ones to target Kaseya. I suppose the question then becomes is the developer just as guilty as the distributor?
Instead of trying to pin point where the attacks are coming from, Rob is challenging individuals to focus on closing the security gaps cyber criminals use to infiltrate networks.
Why? Think of it this way…
You have a rodent problem, because there is a hole in the siding of your house. Do you buy rat poison, or do you patch the hole? You patch the hole; just like closing the security holes would keep future attacks from happening. It’s a simple, and incredibly effective solution, really.
Listen to Rob’s full segment on the Liz Callaway Show below.