Monday, May 23

200 businesses hit by ransomware after incident at US IT firm -Huntress Labs

Article content

WASHINGTON — Cybersecurity company Huntress Labs said on Friday that 200 businesses have been hit by ransomware attacks following an incident at US IT firm Kaseya in Miami.

Kaseya, in a statement posted on its own website, said it is investigating a “potential attack” on a widely used tool to reach into corporate networks across the United States.

In the statement, Kaseya said its VSA tool – which is used by IT professionals to monitor and manage servers , desktops, network devices and printers – may have been attacked.

Article content

The company said it had shut down some of its infrastructure in response and that it had urged customers that used VSA on their premises “to immediately shutdown their VSA servers.”

Reuters was not immediately able to reach a Kaseya representative for further comment. Maryland-based Huntress did not immediately return a message seeking clarification on the nature of the businesses that were hit. In a post to Reddit, the company said it believed the Russia- linked REvil ransomware gang was to blame to the outbreak.

Although the precise outlines of the incidents are still unclear, cybersecurity officials have been on high alert over so-called supply chain attacks, intrusions which leverage vulnerabilities in one piece of software to break into large numbers of other organizations.

Last year, hackers alleged to be operating at the Russian government’s direction tampered with a network monitoring tool built by Texas software firm SolarWinds to break into nine federal agencies and about 100 private companies.

Kaseya has 40,000 customers for its products, though not all use the affected tool. (Reporting by Raphael Satter; additional reporting by Joseph Menn in San Francisco; Editing by Leslie Adler and Alistair Bell)