Hundreds of businesses around the world have been reportedly affected by a recent ransomware attack on an IT firm “Kaseya”. The attackers attempt this hacking by changing a Kaseya tool named VSA, which is widely used by tech professionals. They cracked the encryption code to gain access to the files of IT management companies that use VSA to manage servers, computers, network devices, and printers. Huntress, a security firm, also identified the eight management service providers who were exploited to attack 200 firms.
Kaseya software is used in several large and small tech management companies which are responsible for managing the IT devices of many well-known companies. As a result, numerous firms may face major consequences due to this data breach. “The hackers demanded $5 million not to disclose the data on the web,” a private security executive stated. The Cybersecurity Agency, on the other hand, is currently addressing the issue and ensured both the software firm and its clients take prompt action against the hackers.
Hacking software to obtain a firm’s clients’ data has become very common in recent years; however, this is a very delicate topic that should be resolved because it puts hundreds or thousands of company’s sensitive data at risk. It has been discovered that companies that use common passwords and do not adopt two-factor authentication are more vulnerable to cyber-attacks. As a result, IT firms must use a unique password and implement two-factor authentication while developing their software or websites. Kaseya issued a statement on its website stating that it is examining a “Ransomeware attack” on VSA.
Following the event, the software company shut down some of its infrastructures and asked its customers to shut down their servers as well to avoid furthermore data breach. According to sources, the cyber attack incident occurred so quickly that service providers didn’t even get time to tell their clients to shut down their systems.