At this very moment, a ransomware assault is hitting hundreds of businesses across the US. The incident appears to be the result of a so-called supply chain attack; hackers were able to push malware to victims through legitimate IT management software from a company called Kaseya. Making matters worse, REvil ransomware operators hit what’s known as “managed service providers,” which provide IT infrastructure and support for companies who would rather outsource that sort of thing. When hackers compromise an MSP, it’s usually quick work to infect their customers as well, making the scale of this campaign “monumental,” in the words of one cybersecurity professional.
The severity of the REvil strike was almost enough to make one forget about Microsoft’s particularly bad week. Almost. In addition to a couple of high-profile cybersecurity incidents that we’ll get into more below, the company found itself in a self-generated controversy over which PCs will be allowed to run Windows 11. The new operating system will likely require a processor that came out four years ago at most, meaning plenty of devices you can purchase right now won’t qualify. Not only that, but Microsoft had previously announced that it would end support for Windows 10 in 2025, meaning lots of users have only a few years before being forced to choose between losing security updates altogether and buying a new PC—even if their current one works perfectly well.
In other not-great Microsoft news, the same hackers behind the devastating SolarWinds campaign were found to have installed malware on a customer service employee’s device. Microsoft said that three customers were affected by the hack, although it’s not clear who nor what information was stolen. It should never be surprising that Russia’s cyberspies are cyberspying, but it’s still alarming that they were able to get that level of access at a company as critical as Microsoft.