I am trying to remember something. Yesterday I came up with short story number three, I dreamt the story and the big lines were done, but now I forgot the dream, only fragments remain. A stage where it is about one thing leading to another, I see the ending but I can no longer see the beginning. It is a shared setting that eludes me, and every time I my mind moves back to the story, it is overwhelmed with other facts. It takes me back to yesterday as I was writing the Kaseya story. The BBC is giving us “Researchers from the Dutch Institute for Vulnerability Disclosure found the problem and were helping Kaseya plug the hole long before the hackers found it”, yet if we are to believe ‘long before the hackers found it’ I wonder why Kaseya was continuing on the path they were. More important, if that was really true, why was Kaseya not monitoring the situation 24:7? In my case the story is not completed, I am creating it (almost) on the go. Kaseya is seemingly in a stage where they are in denial. First a few, then up to a 1,000 and now, after other sources give us a stage that sets the premise to up to 100,000, some sources give us ‘Between 800 and 1,500 companies potentially affected by Kaseya ransomware attack’, I get it, it is optional a seesaw that is balancing between optionally managing bad news and the speculative media on the other end of the seesaw. Neither side is overly reliable in my personal view. Yet the BBC gives us “the way the cyber-security world has pulled together to reduce the impact of the attack has been incredible”, you see, I have been involved in IT work since 1982, I have never seen competitors pull together, so the story of ‘the cyber-security world has pulled together’ remains debatable. They are all scared, they wanted solutions faster, automated and cheaper, it is like the house where you can choose 2 out of three, now the choice is nil, because the underlying factors are haywire. In this setting, and yes, this is all speculative. We have a solution that is faster/slower, automated/manual and cheap/expensive. They wanted it fast, but that requires matching hardware and software. This is where ‘plugging the hole’ is a problem, as such there was never a cheap solution. Then there was the automated setting, that is the one that they could pull off, but in a stage where there is too little security, and if ‘long before the hackers found it’ is to be believed, I speculate that the need was manual when the wrong parties opted for automated. And in the third we have cheap and expensive. They needed a solution that was cheap, but they needed a lot more expensive elements. This is ALL speculation, but the setting where we see system after system fail, in my personal opinion is all a setting towards shortcuts and that led to the weakness we now see exploited. I personally believe that players like Kaseya are too plenty and when we see ‘the cyber-security world has pulled together’, we see a stage where they all have a seemingly fat meal, they all get to set a field of limitations for all others and that will have long term repercussions. Microsoft, Solarwinds, Kaseya are examples that how us that the hackers are gaining more and more advantage and that is the larger stage. In this setup hell will get one happy resident and it is not the ruler of hell, I will let you consider who I am talking about and it is not a player that is mentioned in this article, neither is REvil, they seemingly found a gap that they exploited hoping to bank $70,000,000 but the stage is out there and the snippet “were helping Kaseya plug the hole long before the hackers found it” is merely a factor, so how long did the plugging take and why was it not successful? The words ‘long before’ should be an indication. So why are we (clearly) seeing several facts and the hack was still successful? The article is (at https://www.bbc.com/news/technology-57719820) merely one factor, the amount of MSP’s are another and the lack of alarms is a third part. A dangerous setting of cheap, seemingly fast and proclaimed automated systems in a stage where no one was the wiser. Consider a fast automated system without proper alarms and without logs, and that is merely one player using (or claiming to have) cloud solutions. A stage that is no solution (ask COOP in Sweden if you doubt me) and one that hands over cash to organised crime. How much risk are you willing to take with your business?