Kaseya, a software program firm that gives companies to greater than 40,000 organizations all over the world, stated on Friday that it was investigating the chance that it had been the sufferer of a cyberattack.
The firm urged clients that use its programs administration platform, referred to as VSA, to right away shut down their servers to keep away from the potential for being compromised by attackers.
“We are experiencing a potential attack against the VSA that has been limited to a small number of on-premise customers only,” the corporate posted on its web site, referring to organizations that maintain their software program at their very own websites slightly than housing it with a cloud supplier. “We are in the process of investigating the root cause of the incident with the utmost vigilance.”
Kaseya didn’t reply to a request for remark.
John Hammond, a researcher on the cybersecurity firm Huntress Labs, stated that at the very least eight firms that present safety or expertise instruments for a whole lot of different small companies may need been “compromised” by the Kaseya assault. He added that REvil, a Russian cybercriminal group that the F.B.I. stated was behind the hacking of the world’s largest meat processor, JBS, in May, was almost certainly accountable.
Some of the affected firms have been being requested for $5 million in ransom, Mr. Hammond stated. At least 200 firms have been in danger, Huntress stated.
“Kaseya handles large enterprise all the way to small businesses globally, so ultimately, it has the potential to spread to any size or scale business,” Mr. Hammond stated. “This is a colossal and devastating supply-chain attack.”
The United States Cybersecurity and Infrastructure Security Agency additionally described the incident in a assertion on its web site as a “supply-chain ransomware attack.” It urged Kaseya’s clients to close down their servers and stated it was investigating.
Hackers have carried out a slate of outstanding cyberattacks towards U.S. firms in current months, together with JBS and Colonial Pipeline, which strikes gasoline alongside the East Coast. Both have been ransomware assaults, by which hackers attempt to shut down programs till a ransom is paid. The online game firm Electronic Arts was additionally lately hacked, however its knowledge was not held for ransom.