Who’s behind the Kaseya ransomware attack – and why is it so dangerous?
Hackers last week infiltrated a Florida-based information technology firm and deployed a ransomware attack, seizing troves of data and demanding $70m in payment for its return.
The hack of the Kaseya firm, which is already being called “the biggest ransomware attack on record”, has affected hundreds of businesses globally, including supermarkets in Sweden and schools in New Zealand.
In the aftermath of the attack, cybersecurity teams are scrambling to regain control of the stolen data while the Biden administration is mulling potential diplomatic responses. Here’s what you need to know about the attack, its impact, and what’s next.
Hackers infiltrated Kaseya, accessed its customers’ data, and demanded ransom for the data’s return. Making the hack particularly grave, experts say, is that Kaseya is what is known as a “managed service provider”. That means its systems are used by companies too small or modestly resourced to have their own tech departments. Kaseya regularly pushes out updates to its customers meant to ensure the security of their systems. But in this case, those safety features were subverted to push out malicious software to customers’ systems.
This hack was particularly egregious because the bad actors behind it had targeted the very systems typically used to protect customers from malicious software, said Doug Schmidt, a professor of computer science at Vanderbilt University.
