When Trust Becomes a Threat: Lessons from Target and Kaseya
🛡️ Dear #Network, I would like to introduce you to two famous supply chain attacks.
✏️ 2013 Target Cyberattack
Hackers stole customer data from the U.S. retailer Target by breaking into a third-party vendor’s system instead of Target’s own system. This type of attack is called a supply chain attack, where hackers focus on companies that provide services to others.
In this case, the attackers gained access by stealing login credentials from a subcontractor. This allowed them to install malicious software on multiple point-of-sale devices—used to log orders and process sales—enabling them to steal debit and credit card data from around 40 million customers within a few weeks.
Although Target’s security system detected suspicious activity, the company did not respond quickly enough. The attackers exploited third-party weaknesses and gained access through a company working with Target, emphasizing the importance of monitoring external partners. Target had strong security tools in place but relied too heavily on automated systems with insufficient human oversight.
The Federal Trade Commission (FTC) investigated Target for failing to protect customer data, examining whether the company had taken adequate steps to safeguard customer information.
As a result, customers filed lawsuits over fraud-related losses, while banks demanded reimbursement for replacing compromised payment cards. In 2017, Target agreed to an $18.5 million settlement with 47 states and Washington, D.C.
The breach led many businesses to focus on proactive threat detection and a multi-layered cybersecurity approach. Target invested in SIEM solutions, network segmentation, third-party vendor risk management, and continuous monitoring. Retailers also began adopting EMV chip technology for more secure payments.
✏️ 2021 Kaseya VSA supply chain ransomware attack
In 2021, Kaseya VSA (Virtual System Administrator), cloud-based Remote Monitoring and Management (RMM) software widely used by Managed Service Providers (MSPs), was compromised by the cybercriminal group REvil.
The attackers exploited a zero-day vulnerability—a previously unknown security flaw—to bypass authentication and deliver ransomware to on-premises customers.
Because the VSA software operates with elevated system permissions, the attackers were able to disable Microsoft Defender and quickly distribute ransomware through endpoint agents (software installed on devices such as laptops or servers to help monitor and protect them).
The ransomware used in the attack was part of a Ransomware-as-a-Service (RaaS) model, in which criminals develop ransomware tools and offer them to others for use in attacks.
✏️ RaaS
RaaS operators maintain the software and infrastructure, while affiliates (or partners) use them to carry out ransomware campaigns. These operators typically make money in the following ways:
- Charging a monthly subscription to use the ransomware
- Selling the ransomware for a one-time fee
- Offering partner programs for affiliates
- Taking a percentage of the ransom payments received