In what could be termed as the most shocking incident ever, almost hundreds of American businesses suffered from a sophisticated ransomware attack that hijacked technology management software from a Miami-based supplier called Kaseya.
The attackers then converted a Kaseya tool called VSA which is used by companies that manage technology at smaller businesses. After that they encrypted the files of those providers` customers simultaneously.
Huntress further revealed that tracking eight managed service providers that had been used to infect some 200 clients is quite a task.
Kaseya divulged on its website that it was investigating a “potential attack” on VSA, which is further used by IT professionals to manage servers, desktops, network devices and printers.
Be a Guest SpeakerAdvert
It further revealed that it had shut down some of its infrastructure in response and it was further urging customers that used VSA on their premises to immediately turn off their servers.
“This is a colossal and devastating supply chain attack,” Huntress senior security researcher John Hammond said in an email.
Hammond added that due to Kaseya’s involvement in everything from large enterprises to small companies “it has the potential to spread to any size or scale business.”
Some of the employees at service providers said that their clients had been severely hit before they could get a warning.