Ransomware Gang Behind Kaseya Attack Demands $70 Million

Share post:

The ransomware group REvil, which has taken responsibility for the attack on the IT company Kaseya and its customers, has offered a universal decryption key at a record price of $70 million.

Kaseya, a well-known business IT company, is the latest victim of REvil’s data encryption attack.

The attack on Kaseya appears to be financially motivated, but its impact is similar to the Kremlin-backed attack on SolarWind’s Orion network management software.

The attack exploited a zero-day or previously unknown vulnerability in the Kaseya VSA.

U.S. President Joe Biden said the U.S. believed the Kremlin had nothing to do with the attack.

On Sunday, Anne Neuberger, deputy national security adviser for cyber and new technologies, instructed victims to report incidents to the FBI’s IC3 (Internet Crime Complaint Center).

VSA customers are advised to download the VSA detection tool, which helps security teams find REvil components on their networks.

It is also recommended that VSA customers require multifactor authentication for each account, not just administrator accounts with high privileges.

VSA customers were also urged to implement an authorization list to restrict communication with remote monitoring and management (RMM) capabilities to known IP address pairs and/or to place RMM administrative interfaces behind a virtual private network (VPN) or firewall on a dedicated administrative network.

For more information, read the original story in ZDNet.


Related articles

Costs from Global CrowdStrike Outage Could Exceed $1 Billion

The global tech outage caused by a faulty CrowdStrike update on Friday could result in damages exceeding $1...

CrowdStrike update: Warnings from national cyber agencies, repair options from Microsoft

National cybersecurity agencies in the U.S., Canada, the U.K. and Australia issued security warnings about the faulty CrowdStrike...

CrowdStrike update causes global IT outages, fix is available

Some airlines, banks and government services around the world have been affected by a faulty software update for...

Charges dismissed in SolarWinds hacking case

A judge has dismissed most of the Securities and Exchange Commission's (SEC) fraud charges against SolarWinds related to...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways