On July 2nd 2021, Kaseya, the developer of software that allows remote management and remote control of IT assets, announced it was attacked by hackers using a vulnerability in their software. This attack caused a tidal wave of downstream ransomware to be delivered to small to medium businesses around the globe.
Conflicting accounts of the actual damage caused has been from multiple sources. The most recent Kaseya corporate statement alluded to “Up to 1,500 small businesses have been impacted” while the linked Russian hacking group claim that more than 1,000,000 systems were impacted and demanded 70M in ransom to provide the decryption key. What is clear is that “hundreds of businesses have had to close down because of the incident”. Hopefully the calls for transparency will create a more clear picture of the damage in the days to come.
The attack occurred when hackers exploited zero-day holes in the Kaseya software. A Dutch research group found the zero-day vulnerabilities before the hacking incident and alerted Kaseya about the issue. It is not clear exactly when Kaseya was made aware of the vulnerabilities or what steps were taken to remediate the issue before the incident began.
Hacking incidents are growing in frequency and in the damage / financial impact on an almost hourly basis. The demand for stronger IT Security for all businesses connected to the Internet is outpacing the availability of IT Security professionals. The growing number of job openings for qualified IT Security professionals is has grown from 2M vacancies to over 3M in under a year.
Network Essentials does NOT use Kaseya products, although this attack could quite easily have attacked our managed services software vendor. We are constantly working with industry experts, vendors and peers to stay ahead of the evolving threats we are all facing.
If you need assistance reviewing your IT Security plans / policies call 704.206.8900 or submit a form on our website.