The supply-chain ransomware (opens in new tab) attack recently perpetrated by REvil via a malicious Kaseya update could already have affected more than 1500 businesses across the world.
Speaking to Reuters (opens in new tab), Kaseya CEO Fred Voccola said it was difficult to pin down the exact number of targets, since the victims were customers of its customers.
Kaseya builds tools to help Managed Service Providers (MSP) manage the IT infrastructure of businesses, many of whom can’t afford to keep dedicated staff to man their network.
- These are the best ransomware protection tools (opens in new tab)
- Protect your devices with these best antivirus software (opens in new tab)
- Here's our choice of the best malware removal (opens in new tab) software on the market
In one of the most daring ransomware attacks (opens in new tab), REvil compromised one of Kaseya’s tools for MSPs and used it to deploy ransomware on the computers of businesses around the world, claiming to have infected “over a million systems.”
Who blinks first?
While Voccola’s estimates sound more plausible than REvil’s, experts who spoke to Reuters suggest that the true impact of the hack will emerge after America opens for business on Tuesday, following the July Fourth holiday weekend.
Beyond the US, the attack did manage to trickle down to the populace at large in other parts of the world, most notably in Sweden, where the attack led to the closure of hundreds of Coop stores.
While claiming responsibility for the attack, REvil demanded $70 million as ransom to unlock the data on infected systems.
Speaking to Reuters, Voccola refused to say whether he was ready to take the hackers up on the offer.
"I can't comment 'yes,' 'no,' or 'maybe'," he told Reuters, adding "No comment on anything to do with negotiating with terrorists in any way."
However, REvil is also inviting individual victims to cough up anywhere between $50,000 and $5 million, depending on the size of the impacted corporate network. Cybersecurity (opens in new tab) expert Kevin Beaumont shared on Twitter (opens in new tab) that he’s seen some of the victims haggling with the threat actors to restore access to their systems.
- We've put together a list of the best endpoint protection (opens in new tab) software