“We are going to see a major, major escalation in these kinds of attacks. “When hackers are assured they are going to get paid, and not going to get caught, they get a lot more brazen,” he said. When hackers were successful, he said, they accrued more financial resources, enabling them to acquire better equipment, improved operations, and more skilled hackers. If the ransom were paid, it could exacerbate a ransomware arms race, said Schmidt. Kaseya’s chief executive officer, Fred Voccola, told Reuters he could not confirm whether Kaseya would pay the $70m ransom or negotiate with the hackers for a lower cost: “No comment on anything to do with negotiating with terrorists in any way,” he said. Its business operates at scale, offering customer service hotlines to allow its victims to pay ransoms more easily. REvil has quickly become a huge operation, offering “ransomware as a service” – meaning it leases out its ability to extort companies to other criminals and keeps a percentage of each payment.
![circumventing kaseya agent circumventing kaseya agent](https://blocksandfiles.com/wp-content/uploads/2021/07/Huntress-Labs-intrusion-notes.jpg)
REVil is the group that in June unleashed a major ransomware attack on the meat producer JBS, crippling the company and its supply until it paid a $11m ransom. Who is behind the hack?Īffiliates of the Russian hacker group REvil have claimed responsibility for the attack. In Sweden, hundreds of supermarkets had to close when their cash registers were rendered inoperative and in New Zealand, many schools and kindergartens were knocked offline. Meanwhile, the impact has reached other continents, and the disruption has been felt more keenly in other countries. “I feel good about our ability to be able to respond.” “It appears to have caused minimal damage to US businesses, but we’re still gathering information,” Biden told reporters following a briefing from advisers. Joe Biden said on Tuesday that while a number of smaller US businesses like dentists’ offices or accountants might have felt the effects of the hack, not many domestic companies had been affected. There are at least 145 victims in the US, according to an outside analysis from Sophos Labs, including local and state governments and agencies as well as small and medium-sized businesses.
![circumventing kaseya agent circumventing kaseya agent](https://dd80b675424c132b90b3-e48385e382d2e5d17821a5e1d8e4c86b.ssl.cf1.rackcdn.com/files/images_articles/runbook-860x520-003.jpg)
Kaseya has said that between 800 and 1,500 businesses were affected by the hack, although independent researchers have pegged the figure at closer to 2,000.
![circumventing kaseya agent circumventing kaseya agent](https://theme.zdassets.com/theme_assets/414345/cd00ecf778df077ef192afa7a7566fc1951bc8e4.png)
“If you can attack someone through a trusted channel, it’s incredibly pervasive – it’s going to ricochet way beyond the wildest dreams of the perpetrator.” Who was affected? “This is very scary for a lot of reasons – it’s a totally different type of attack than what we have seen before,” Schmidt said. This hack was particularly egregious because the bad actors behind it had targeted the very systems typically used to protect customers from malicious software, said Doug Schmidt, a professor of computer science at Vanderbilt University.