The Kaseya VSA Ransomware Attack

Last updated on November 9, 2021 by Cyber Defense Trends

The Kaseya attack was an attack on tools that Managed Service Providers use. A Managed Service Provider is a company that offers IT services to many customers.

By attacking the tool that MSP's use, REvil was able to get at more customers than if they targeted a tool that only customers use. One MSP may look after the IT infrastructure of a handful, or of hundreds of customers, and thus by attacking the tool that MSP's use to manage all of their customers, hitting the MSP in turn hit all of the customers supported by those MSPs.

Update November 9, 2021
REvil, who carried out the attack in July of 2021, were brought to justice in November 2021. The US Department of Justice (DOJ) and Europol communicated on Monday November 8, 2021 that two of the alleged members of REvil had been arrested. The arrests were made in Romania and Ukraine.

REvil was brought to justice by the combined efforts of the FBI, with Cyber Command, and the Secret Service collaborating with organizations from multiple companies who worked together to go after, and take down REvil's online presence and operations.

Copyright © 2018 to 2022 Cyber Defense Trends

PRIVACY No personal data shared through this site will ever be disclosed or shared to any third party. We welcome guest posts and feedback.