News

All you need to know about REvil’s $70M Kaseya ransomware attack

Last Friday was quite a doozy in the cybersecurity world: a Russia-linked REvil ransomware gang is believed to be behind a massive ‘supply chain’ attack that crippled hundreds of businesses across the US and elsewhere. Now, the group wants $70 million in exchange for a tool to decrypt the files they’ve locked on victims’ networks.

The Record’s Catalin Cimpanu reported that REvil has claimed responsibility for the attack and put out the call for the enormous ransom. If paid, it would make this the largest ransomware incident in history.

At the same time, US President Biden said on Sunday “we’re not certain” who was behind the attack, and he’s directed intelligence agencies to investigate.

How did this happen?

Last week’s attack targeted VSA, a piece of software developed by an American IT management software company called Kesaya. VSA is a tool used to remotely manage an organization’s servers and other hardware, as well as software and services.

VSA is used by large corporations, as well as service providers who manage system administration for smaller companies that don’t have their own IT departments.