Hundreds of US businesses hit by ‘colossal’ cyber-attack
Kaseya claims the attack hit only a few clients, but security firm Huntress Labs estimates the number is higher
For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails
Sign up to our free breaking news emails
Nearly 200 businesses were hit on Friday by a “colossal” ransomware attack that targeted widely used software from Kaseya, a Miami-based supplier.
The US government’s Cybersecurity and Infrastructure Security Agency (CISA) said it is taking action to understand the recent supply-chain ransomware attack against Kaseya VSA
The attackers changed a Kaseya tool called VSA, used by firms that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously.
CISA urged organisations to review the Kaseya advisory and immediately follow their guidance to shutdown VSA servers.
Security firm Huntress Labs said it was tracking eight managed service providers that had been used to infect some 200 clients. Kaseya said in a statement that only a very small percentage of customers were affected – estimated at fewer than 40 worldwide. Exact names of the companies hit by the attack are unknown.
“This is a colossal and devastating supply chain attack,” Huntress senior security researcher John Hammond said in an email, referring to an increasingly high profile hacker technique of hijacking one piece of software to compromise hundreds or thousands of users at a time.
Hammond added that because Kaseya is plugged in to everything from large enterprises to small companies “it has the potential to spread to any size or scale business.”
Many managed service providers use VSA, although their customers may not realise it, experts said.
Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible - the same group FBI accused for paralysing meat packer JBS and Acer, earlier this year.
The attack took place on Friday afternoon just in time companies across the US were setting off for the long holiday weekend.
Kaseya’s website says it has a presence in over 10 countries and more than 10,000 customers.
Includes reporting by Reuters
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies