5 Must-Know Facts About the Kaseya Ransomware Attack

On July 2, 2021, several businesses worldwide were left paralyzed due to a ransomware attack on the US technology firm Kaseya. The supply chain attack impacted Kaseya’s direct customers and downstream businesses. The file-encrypting malware targeted Kaseya’s VSA and the multiple managed service providers (MSPs) that employ the VSA software.

This incident adds to the growing concern around ransomware attacks, which are here to stay for the foreseeable future. Our previous post on ransomware discusses some best practices that you can incorporate to protect your data against similar threats.

This piece will discuss some key facts about the attack and its impact that can help you analyze the situation better.

1. What is Kaseya?

Kaseya is a privately-held company based in Dublin, Ireland, with its headquarters in Miami. The company provides software solutions for remotely managing a company’s IT networks and devices. The software is used by MSPs for performing IT tasks remotely.

2. What is the nature of the attack?

Details regarding the initial compromise are still unclear. So far, the attack appears to have affected companies that run Kesaya VSA on-premises and not as SaaS from the cloud.

3. What is the extent of the attack?

Though the attackers claim to have compromised more than 1 million computers, Kaseya stated that the threat had been limited to only a small number of its on-premises customers.

On Friday, the company had warned its customers to “immediately” shut down their on-premise servers and it proactively shut down its SaaS servers as a precautionary measure.