
The gang behind this attack - REvil - is the same one the Federal Bureau of Investigation said attacked JBS a few weeks ago.

The attack against Kaseya’s systems is the latest in a series of recent attacks against critical infrastructure and manufacturing companies across the United States: Colonial Pipeline, Molson Coors, and JBS Foods. Data is the lifeblood of a modern company - when ransomware encrypts the files and makes them inaccessible, it brings that company to a standstill. Ransomware has been around for years but has surged recently, with nearly 2,400 governments, health care systems, and schools in the country hit by ransomware in 2020, according to a Ransomware Task Force report.

The company said SaaS and hosted VSA servers “will become operational once Kaseya has determined that we can safely restore operations.” The CEO was also a little more contrite, admitting “I feel like I let this community down, I let my company down, our company let you down.” The company shut down the servers for the software-as-a-service version of its tool as a precautionary measure, despite not having received any reports of a compromise affecting SaaS and hosted customers.

Voccola shot this video in his home, and it was a rather more rustic version than his previous effort – complete with sound glitches and dubious focus. “Throwing money at problems is not a way to solve them,” Voccola said, but “it is better than not throwing money at them.” The CEO also sketched a program of cash assistance for Kaseya customers that he said will resemble payments made in March and April 2020.

“We feel extremely confident … we will have customers coming back online,” Voccola said.
