According to cybersecurity firm Huntress Labs Inc, a compromise at the Miami-based IT firm Kaseya resulted in ransomware assaults on over tens of thousands of American organizations.
What happened was this: According to Reuters, the attackers altered a Kaseya program called VSA on Friday, which is used by the company to deliver IT services mostly to small and medium-sized enterprises.
According to Huntress, this is a massive and destructive supply chain attack, and the REvil ransomware gang is to fault. REvil is one of the ransomware groups that steals data from victims before launching the malware, bolstering their extortion operations.
By getting access to the MSP clients’ systems, the ransomware attack posed a hazard to them. According to the security firm, 20 MSPs have been compromised so far. The organization was keeping track of eight managed service providers who were responsible for infecting over 200 clients.
This ransomware attack has hit two large MSPs: SYNNEX Corporation (NYSE: SNX) and Avtex LLC.
Kaseya stated on its website that it was looking into the suspected attack on VSA. The corporation has also shut down portions of its infrastructures, and clients that used VSA on their premises have been ordered to promptly turn off their servers.
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency stated it was “taking measures to understand and address the recent supply-chain ransomware incident” against Kaseya’s VSA product.
Why Does It Matter? President Joe Biden suggested $750 million in funding for federal entities affected by the SolarWinds Corp (NYSE: SWI) hack last month to pay for cybersecurity enhancements to prevent the attack. A $500 million fund for technological modernization has also been proposed.
A total of $110 million has been set aside for the Cybersecurity and Infrastructure Security Agency, as well as $15 million for the Office of the National Cyber Director.
According to a New York Times investigation, when asked to describe the greatest threat to their companies, the CEOs of Wall Street’s six largest banks all said “cybersecurity.”
Because of rising nation-state cyberattacks targeting critical infrastructure, cyber attackers have developed a firm foothold in recent years.
The federal government and financial institutions, according to the paper, have formed information-sharing groups, conducted tabletop exercises, and invested extensively in cybersecurity. JPMorgan Chase & Co. (NYSE: JPM) invests over $600 million in cybersecurity each year.
Experts, on the other hand, warn there are substantial gaps in knowledge and planning for a cyberattack on Wall Street.
(C) 2021 Benzinga.com, methodshop from Pixabay. Benzinga does not offer financial advice. All intellectual property rights are reserved./n
