US tech firm faces ransomware attack, to pay $70m
After the June ransomware attack on Colonial Pipeline, a company that distributes much of the fuel to the eastern seaboard of the United States, another attack was launched just last week on the tech firm Kaseya.
The ransomware attack, believed to be launched by Russian attackers, has compromised remote management and monitoring software. In a statement released by the firm, they said that “Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised.”
The attackers have demanded $70 million in exchange for a universal decryption key that would resolve the issue for Kaseya, its managed service provider (MSP) customers, and MSPs’ customers.
While no damage to the majority of critical infrastructure has been reported, it has forced the closure of numerous cooperative supermarket stores in Sweden to replace their cash registers.
A previously unknown flaw in the tech firm’s VSA software was exploited by the attack, affecting customers with on-premise VSA servers. In response to this, Kaseya took its VSA software-as-a-service (SaaS) product offline and brought it online on July 6.
White House press secretary Jen Psaki said that a high level member of the US national security team has been deployed to get in touch with Russian officials to discuss the attacks.