CEO Fred Voccola believes that the Kaseya ransomware attack affected between 800 and 1,500 businesses worldwide. The CEO of US tech firm Kaseya said that the majority of those locked out of their data were customers of Kaseya’s clientele.
Kaseya Ransomware Attack
Kaseya is an American IT company that provides software tools to outsource companies. These are companies that handle back-office jobs for small and medium clients. These clients prefer to have their IT departments outsourced to save on costs.
Hackers managed to hijack one of Kaseya’s tools, allowing them to seize control of hundreds of businesses across the world. While many of those affected consisted of small, mom-and-pop operations, there were some big-ticket clients that faced major disruptions.
This includes a supermarket chain in Sweden, which had to close hundreds of stores due to cash register failures. The ransomware attack also affected schools and kindergartens in New Zealand, leaving students offline for the day.
$70 Million For Ransomware Attack
The hackers who claimed responsibility for the ransomware attack already stated their wish for a $70 million payday. They also showed a willingness to negotiate a lower fee in exchange for releasing affected businesses’ information. In fact, the group said they’re willing to resume talks directly with Kaseya management, or through the Reuters news agency.
“We are always ready to negotiate,” a representative of the hackers told Reuters earlier Monday. As expected, the spokesperson did not give his name nor say what group he represents.
Voccola Non-Committal If He Will Pay The Ransomware
For now, Voccola has yet to indicate if Kaseya will pay the ransom or negotiate for a lower payment. When asked whether his company would talk to or pay the hackers, he said that he doesn’t know. “I can’t comment yes, no, or maybe. No comment on anything to do with negotiating with terrorists in any way.”
Voccola did confirm that he already communicated with White House officials.on the matter. He also coordinated with the Federal Bureau of Investigation and the Department of Homeland. However, he did not disclose what the feds told or taught him.
How The Ransomware Attack Happened
The hackers involved in the Kaseya ransomware attack exploited multiple previously unknown vulnerabilities in its IT management software. Marcus Murray, the founder of TrueSec Inc., said that hackers targeted many of the victims opportunistically. Hackers used a previously unknown flaw in Kaseya’s code to push ransomware to servers that used the software.
Meanwhile, the Dutch Institute for Vulnerability Disclosure said it alerted Kaseya to multiple vulnerabilities in its software. Hackers did manage to exploit these identified vulnerabilities, and Kaseya already started working to fix the problem when the ransomware attack happened. The DIVD said that the software company “showed a genuine commitment to do the right thing,” but the hackers managed to beat them to the punch.
Russians Behind The Hack?
The DIVD strongly suspects that the Russian hacker collective REvil is the entity responsible for the attack. REvil’s name also turned up as the primary suspect behind the May 30 ransomware attack on meatpacking giant JBS SA.
Watch TRUESEC demonstrate how the Kaseya mass ransomware happened:
What do you think of this latest ransomware attack? Is nobody safe from hackers?
Tell us what you think about hackers and ransomware. Share your thoughts in the comments section below.