Kaseya CEO at Center of Massive Ransomware Attack Says 'It Totally Sucks'

“We all have to take a step back and realize this is the world we live in.”
July 6, 2021, 2:40pm
ceo

Days after a ransomware gang hit hundreds of companies who were customers of Kaseya, a company that sells managing software, the company released a video officially addressing the impact of the massive breach that occurred over the weekend. In the video, CEO Fred Voccola detailed the scope and the company’s next steps following the ransomware attack.

“It totally sucks,” he said in the video as he noted that ransomware attacks like this have become an unfortunate part of the tech industry. “We all have to take a step back and realize this is the world we live in.”

According to the company's estimates, approximately 50 Kaseya clients were directly impacted. Many of their clients are managed service providers that offer IT services to other businesses, which brings the real number of those affected to approximately 800-1,500 businesses around the world, Voccola said.

The ransomware attack, carried out by cybercriminal group REvil, impacted customers who used Kaseya’s VSA product for remote monitoring and management. The attack encrypted all of their data and rendered the computers unusable. 

Advertisement

It appears that REvil had exploited a flaw that Kaseya and the Dutch Institute for Vulnerability Disclosure had already encountered and were working to fix. Kaseya VSA users have remained offline since then.

REvil is now demanding victims pay them $70 million in Bitcoin to publicly publish a decryptor, according to a post made on their dark web blog. 

“It’s just a business. We absolutely do not care about you and your deals, except getting benefits,” REvil's instructions read, according to screenshots on WeLiveSecurity. “If you will not cooperate with our service - for us, it does not matter. But you will lose your time and data… In practice - time is much more valuable than money.” 

Kaseya is currently in the process of developing a patch for customers to help bring them back online. Its update also mentioned that the company met with the FBI and CISA to discuss other methods of strengthening its cybersecurity before it restores clients’ access to its services. 

Kaseya is also offering a Compromise Detection Tool, which it says has already been downloaded by over 2,000 customers since Friday.