- Some 200 businesses in the United States were left derailed on July 2 after a ransomware attack targeted Kaseya, used for network monitoring, as well as tech maintenance automation.
- The perpetrators behind this latest hack altered Kaseya’s VSA, used by firms offering technology management services to other small-scale businesses.
- The hackers carried out the simultaneous encryption of the files of the customer base of these service providers.
MIAMI, Florida.: Some 200 businesses in the United States were left derailed on July 2 after a ransomware attack targeted a crucial and extensively deployed software tool from Florida firm Kaseya Limited used for network monitoring, as well as tech maintenance automation.
The perpetrators behind this latest hack altered Kaseya’s VSA, used by firms offering technology management services to other small-scale businesses. The hackers carried out the simultaneous encryption of the files of the customer base of these service providers.
Huntress, a cybersecurity company, stated that it was looking into tracing eight managed service providers used by the hacking party as a platform to compromise the systems of some 200 clients.
According to information on Kaseya’s website, a probe was ongoing into a “potential attack” on its VSA, which IT experts deploy in the management of server systems, workstations, and networking and printing devices.
Kaseya spoke of having conducted a partial infrastructure shutdown in the wake of the breach and appealed to clients using its tool at their locations to promptly shut down their server systems.
“This is a colossal and devastating supply chain attack,” according to John Hammond, a senior-level researcher at Huntress, as quoted by Reuters.
He described the attack as a progressively noteworthy hacking method in which a software chunk is tampered with, thereby resulting in a cascading effect wherein up to several thousand customers could be compromised instantaneously.
While drawing reference to the wide scope of services offered by Kaseya spanning large establishments to smaller-scale firms, the security firm believes “it has the potential to spread to any size or scale business.”
