Hundreds of dental offices across the country were hit with ransomware recently after managed service provider (MSP) Digital Dental Record was compromised. Sadly, I partly saw this coming.
Sometimes predicting these kinds of attacks makes being right feel oh so wrong. This was one of those times. It was only a few weeks ago when I sat with Dark Reading's Kelly Jackson Higgins in DEF CON's Chillout Lounge, predicting this type of attack would be the next big thing.
As someone whose job it is to learn as much as possible about the online criminal ecosystem, I often spot trends before they make mainstream headlines. This type of attack was high on my list of attacks likely to increase.
Service Providers Under FireSupply chain attacks aren't new. They've been increasing in frequency, however, and gaining more attention. While there are many types of supply chain attacks, this particular type — compromising a service provider to gain access to its customers — is becoming more popular among skilled ransomware crews.
There were incidents following similar malicious playbooks a few years ago, but those targets were point-of-sale service providers. Back then, the goal wasn't to install ransomware but to steal credit cards from as many locations as possible.
Now the idea has been adapted to targeted attacks against niche MSPs. The goal: Hold all of its clients for ransom.
The most infamous attack to date, occurring only days after my prediction to Kelly, crippled
Support the originator by clicking the read the rest link below.
