REvil ransomware against Kaseya, limited impact

Kaseya provided an update onransomware attack against its IT service management platform. The US firm says only 50 MSPs (Managed Service Providers) and between 800 and 1,500 small and medium-sized businesses were affected. The White House Spokesperson has declared that the US will act directly if the Russian government does nothing to stop cybercriminals. Ransomware attack: updates from Kaseya The ransomware attack, attributed to the REvil group, was carried out on July 2 against some MSPs that use the Kaseya VSA platform for IT management of the computer systems of various companies. Following the reports received, the Florida company asked customers to shut down their servers to prevent the spread of malware. As a preventative solution, the SaaS infrastructure was also deactivated. Cybercriminals have exploited Kaseya VSA vulnerabilities to bypass authentication and execute arbitrary code. The ransomware was then distributed through a fake software update. REvil asked for a ransom of up to $ 70 million (the price is recently dropped to 50 million) for a “universal decryptor” (payment in Bitcoin or Monero). Kaseya says that about 50 MSPs have been hit out of over 35,000 and only a limited number of companies (between 800 and 1,500) out of the 800,000-1,000,000 managed by MSPs. The company requested FireEye’s cooperation and communicated the incident to CISA, the FBI and the White House. Kaseya issued a Compromise Detection Tool which allows you to analyze systems to detect the presence of ransomware. FBI and CISA have issued a list of tips for MSPs, including enabling multi-factor authentication. Officially the ransomware attack has not been attributed to anyone, but security experts believe it is the work of the Russian-based REvil group. White House Spokesperson Jen Psaki said there will be a meeting with the Russian government in the coming days. If the Kremlin does nothing against these cybercriminals, the United States will take action.

Categories:   Security