Security News > 2021 > July > CISA, FBI share guidance for victims of Kaseya ransomware attack
CISA and the Federal Bureau of Investigation have shared guidance for managed service providers and their customers impacted by the REvil supply-chain ransomware attack that hit the systems of Kaseya's cloud-based MSP platform.
The two federal agencies advise MSPs affected by the Friday REvil attack to further check their systems for signs of compromise using a detection tool provided by Kaseya over the weekend and enable multi-factor authentication on as many accounts as possible.
National Security Council July 4, 2021 REvil hits Kaseya customers in largest ever ransomware attack.
The massive REvil ransomware attack hit multiple managed service providers who are using Kaseya's cloud-based MSP platform for patch management and client monitoring for their customers.
To breach Kaseya on-premises VSA servers, the REvil affiliate behind the attack used a zero-day vulnerability - Kaseya VSA is a RMM software.
The REvil ransomware group claims to have encrypted over 1,000,000 systems and first demanded $70 million for a universal decryptor to decrypt all Kaseya attack victims.
News URL
Related news
- CISA and FBI: Ghost ransomware breached orgs in 70 countries (source)
- French govt contractor Atos denies Space Bears ransomware attack claims (source)
- CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Casio says data of 8,500 people exposed in October ransomware attack (source)
- Preventing the next ransomware attack with help from AI (source)
- Ransomware on ESXi: The mechanization of virtualized attacks (source)
- CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
- OneBlood confirms personal data stolen in July ransomware attack (source)
- CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks (source)