Kaseya ransomware attack on its thousands of customers
On America's big day of 4th July, a Russia-driven Hacker group was planning its own attack on a SaaS (Software as a Service) company of Miami.
Kaseya: IT Management Software company was attacked by a Russian group named REvil on a Saturday morning.
The attack has been thought to paralyze the networks of around 200 small and large companies. Kaseya confirmed that they were attacked by a "sophisticated cyberattack" on its VSA Software - a set of tools used by the IT department of the company to manage and monitor computers remotely.
Kaseya asked its 40,000 customers to immediately drop the usage of their software until the situation gets better. The attacked proportion of their total customer base was just 0.1%. If proper security concerns were not being followed, the attackers could have an access to their entire customer base.
“I wouldn’t be surprised if it was thousands of companies,” said Fabian Wosar, the chief technology officer of Emsisoft.
Attack Details:
The attack was planned in a very cunning and smart way. It was designed to provide the criminals with the maximum return on investment, including the timing - on the eve of National Holiday when the responders can take time to react to the attack.
Kaseya was handling the data and networks of many small and medium-sized companies. A ransomware attack is a type of malware that attackers can deploy on a victim's computer network to encrypt files.
With ransomware, the attacker first gains access to the sensitive files of the organization and then asks to pay huge sums of money in the form of Bitcoin or millions of pounds.
Repercussions of the attack:
The USA has tracked down the attackers and doubts that REvils group of Russia is behind this ransomware attack.
The cyberattack just happened days after President Biden met with Russian President Vladimir Putin in Geneva, warning him that the United States would hold Moscow accountable for the attacks that originated in Russia.