- Enterprise technology company Kaseya confirmed that between 800 and 1,500 customers were affected as a result of an attack on its remote device management software.
- It is the most colossal ransomware attack to massively target thousands of companies around the world.
Bogota, Colombia (July 6, 2021) – ETEK International Corporation today warned of a new ransomware attack, perhaps the largest in the world, that affected thousands of organizations in 17 countries using VSA remote device management software from Kaseya, an IT provider based in Miami, Florida.
Although the attack began last Friday, July 2, the damage began to be seen as of Tuesday, July 6, due to the return to work after a long weekend in the United States for the 4th of July Independence Day celebrations.
In an interview with Reuters, Kaseya CEO Fred Voccola said that it is difficult to measure the full impact of the attack, but the company believes that between 800 and 1,500 companies worldwide have been affected.
Meanwhile, CNN reported that the REvil ransomware group had demanded a payment of $70 million in bitcoin to restore the affected companies’ data.
REvil is a cyber-terrorist organization that extorted $11 million from JBS last month after attacking its IT infrastructure.
“This is without a doubt the largest ransomware attack ever recorded,” said Praveen Sengar, CEO of ETEK. “Everyday ransomware attacks are becoming more structured, widespread and lucrative for hackers, who target critical infrastructure, utilities and – in this case – IT providers to encrypt victims’ data and demand money to restore access to it.”
This new ransomware has affected a wide range of companies and public entities in the UK, South Africa, Argentina Canada, Indonesia, Mexico, New Zealand, and Kenya, among other countries.
One victim – the Coop supermarket chain – had to close most of its 800 stores in Sweden for three consecutive days, as it was impossible to use the cash registers. “This is part of a larger global event targeting U.S. software company Kaseya,” Coop said in a statement.
In the face of the expanding attack, the U.S. Cybersecurity and Infrastructure Agency (DHS CISA) said in a statement that it was taking steps to understand and address the recent attack against Kaseya and its multiple managed service providers (MSP)
Kaseya, for its part, is inviting customers using its VSA tool to immediately shut down all of its servers, which operate on a subscription (SaaS, Software-as-a-Service) basis.
At the same time, Kaseya said it met with DHS CISA and the FBI “to discuss systems and network hardening requirements before service restoration for on-premises and SaaS customers.”
- A ransomware attack against companies using Keseya’s VSA remote device management software.
- It’s the largest global ransomware attack ever seen
- Between 800 and 1,500 companies have been affected worldwide
- Cyber-terrorist group REvil demands $70 million payment for unlocking the data
- ETEK suggests taking immediate steps to reduce risk and implement robust defenses to protect data
“We are facing a large and growing global cyber threat,” concluded Praveen Sengar. “Organizations must take immediate steps to reduce risk and put in place robust defenses to protect their digital assets, infrastructure, and business-critical data.”