Ransomware Gang Behind Kaseya Attack Demands $70 Million

Share post:

The ransomware group REvil, which has taken responsibility for the attack on the IT company Kaseya and its customers, has offered a universal decryption key at a record price of $70 million.

Kaseya, a well-known business IT company, is the latest victim of REvil’s data encryption attack.

The attack on Kaseya appears to be financially motivated, but its impact is similar to the Kremlin-backed attack on SolarWind’s Orion network management software.

The attack exploited a zero-day or previously unknown vulnerability in the Kaseya VSA.

U.S. President Joe Biden said the U.S. believed the Kremlin had nothing to do with the attack.

On Sunday, Anne Neuberger, deputy national security adviser for cyber and new technologies, instructed victims to report incidents to the FBI’s IC3 (Internet Crime Complaint Center).

VSA customers are advised to download the VSA detection tool, which helps security teams find REvil components on their networks.

It is also recommended that VSA customers require multifactor authentication for each account, not just administrator accounts with high privileges.

VSA customers were also urged to implement an authorization list to restrict communication with remote monitoring and management (RMM) capabilities to known IP address pairs and/or to place RMM administrative interfaces behind a virtual private network (VPN) or firewall on a dedicated administrative network.

For more information, read the original story in ZDNet.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for Friday, December 8, 2023

This episode features discussion on cyber attacks against OT networks, the discovery of exposed servers with medical images and  why outdated Microsoft Exchange servers are s

Canadian mid-sized firms pay an average $1.13 million to ransomware gangs

Survey for Palo Alto Networks also shows fewer firms willing to pay da

Cyber Security Today, Dec. 8, 2023 – Ransomware is increasingly impacting OT systems, and more

This episode reports on how hackers break into AWS cloud instances, fake anti-Ukraine online ads  using photos of celebrities

Canadian privacy czars release principles for responsible development of AI

The principles remind AI developers they have to follow Canadian data pr

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways