The attack on Kaseya, a Florida-based software developer, last week was the biggest ransomware attack on record, affecting hundreds of businesses including supermarkets in Sweden and schools in New Zealand. It was reportedthat between 800 and 1500 businesses were paralyzed by the hack. Some independent researchers pegged the figure closer to 2000. Based on the analysis of Sophos Labs, there were at least 145 victims from the United States including medium-sized businesses.
Kaseya is a managed service provider, it regularly pushes out updates to customers and ensures the security of its VSA product. Unfortunately, the safety features of the systems can no longer perform their functions because of the malicious software pushed out by the hackers. According to Doug Schmidt, a professor of computer science at Vanderbilt University, Kaseya’s ransomware attack successfully hit the central system used to protectcustomer data and the hack was totally different than what they normally see. Schmidt said, “If you can attack someone through a trusted channel, it’s incredibly pervasive – it’s going to ricochet way beyond the wildest dreams of the perpetrator,
Russian group, REvil Who is behind the Kaseya Ransomware Attack?, was responsible for the ransomware attack in Kaseya extorting to pay $70 million as ransom. This group attacked also attacked JBS, the largest beef supplier, and paid the ransomware hackers. CEO, Fred Vocolla, could not confirm whether Kaseya would pay the ransom money or attempt a negotiation. If Kaseya chooses to pay the ransom, it could exacerbate a ransomware arms race, improve operations, acquire better equipment and skills. President Biden made clear that if the Russian government does not act on the REvil RaaS group, the US government will.