Skip to content

Discerning Data

  • About Us
  • Additional Resources
  • Contact Us

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy

  • Privacy
  • Cybersecurity
  • Data Strategy
  • Disruptionware

Kaseya: The Latest High-Profile Ransomware Attack

Share

On July 2, 2021, Kaseya Ltd., a Florida-based firm that provides software tools to thousands of primarily small and mid-sized businesses, became the latest victim of a high-profile ransomware attack. The attack is believed to have affected as many as 1,500 of Kaseya’s customers throughout the world, including at least 200 businesses in the United States. The attackers, who have claimed association with the Russia-linked REvil ransomware gang, have demanded an astronomical $70 million ransom to restore services for affected businesses.

The Kaseya attack was particularly devastating and effective because it was a supply chain attack, meaning it targeted a type of software that many other companies use to manage and distribute software updates. Thus, the attack not only affected Kaseya, but also potentially all of its customers.

The Kaseya attack appears to be two-pronged:

  1. First, the threat actors attacked dozens of managed service providers using a “zero day” attack against Kaseya’s Virtual Server Administrator, which is used to send out software updates to systems on Kaseya’s clients’ computer networks.
  2. Second, the threat actors deployed the REvil ransomware malware to those customers that relied on Kaseya as a managed service provider.

Recent reports indicate that Kaseya may have been aware of certain flaws in their Virtual Service Administrator software and that the company had been attempting to address these flaws before the attack was launched.

Kaseya’s software tools are used predominantly by small and mid-sized businesses, so the majority of victim companies affected globally were smaller businesses, such as dental offices or accountancies. There were, however, many serious repercussions to this attack. For example, Sweden was forced to close hundreds of affected supermarkets, and New Zealand reported that many schools were forced offline.

Earlier this month, President Biden signed an Executive Order establishing baseline cybersecurity standards for U.S. agencies and their software contractors. The Executive Order included mandates for, among other things, multi-factor authentication and data encryption. Similarly, in an effort to reduce attacks, the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a Ransomware Guide to increase awareness of some of the more common methods hackers use to gain entry into a system and how to avoid them.

Details on the specifics of the Kaseya attack are still being released to the public, so it is unknown how the threat actors gained access to Kaseya’s system. Kaseya also has yet to release any information regarding negotiations with the threat actors and whether any ransom has been paid.

This is yet another reminder that no company is immune to attack. Companies must be prepared for possible ransomware attacks and should look not only to their own systems, but also to those of their vendors, business partners, and other companies to which their networks may be connected or associated.

The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.

About the Author: Jane Blaney

Jane Blaney assists clients seeking solutions related to insurance matters, with concentrated knowledge in health insurance, health insurance regulation and technology services. View Jane's full bio on the Faegre Drinker website.

About the Author: Jason G. Weiss

Jason G. Weiss leverages a past career as a cybersecurity and computer forensics Supervisory Special Agent with more than 22 years of decorated service at the FBI to guide clients through the complex and high-stakes issues associated with cybersecurity incident preparedness and response and compliance. View Jason's full bio on the Faegre Drinker website.

About the Author: Peter Baldwin

Peter Baldwin draws on his experience as a former federal prosecutor to counsel clients facing government investigations and cybersecurity issues. View Peter's full bio on the Faegre Drinker website.

Receive Email Alerts to New Articles

SUBSCRIBE

July 14, 2021
Written by: Jane Blaney, Jason G. Weiss and Peter Baldwin
Category: Cybersecurity
Tags: cybersecurity, ransomware

Post navigation

Previous Previous post: Colorado Privacy Act: The Patchwork of State Privacy Regimes Grows
Next Next post: A New Sheriff in Town: Enforcement of the CCPA Picks Up Under Bonta

Search the Blog

Sign Up for Email Alerts

PODCASTS

Faegre Drinker on Law and Technology

©2023 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

  • About Us
  • Additional Resources
  • Contact Us
We use cookies to improve your experience with our website. By browsing our site, you are agreeing to the use of cookies. For more information about how we use cookies, please review our privacy policy and cookie policy. OK
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT