Software company Kaseya received a key on Thursday to decrypt its systems and those of customers who were locked down by a ransomware attack earlier this month.

A company spokesman told The Hill in an email statement that Kaseya had “effective decryptor and we actively use it to help our customers. “

“We obtained the tool from a trusted third party, and for reasons of confidentiality I cannot comment on it,” said the spokesman.

The key will likely be used to support the up to 1,500 companies affected by the Kaseya ransomware attack. Cybersecurity experts have made connections with the Russia-based cybercriminal group REvil, although the federal government has not yet officially assessed who was behind the attack.

Kaseya discovered at the time of the attack that many of its customers were “managed service providers using Kaseya technology to manage IT infrastructure for local and small businesses with fewer than 30 employees, such as dental offices, small accounting offices and local restaurants. ”

The hackers behind the attack initially asked for $ 70 million to decrypt the system, and later Lowering their claim of $ 50 million. The Kaseya spokesman did not comment on whether the company paid the ransom to get the key.

Websites used by Kaseya on the dark web went offline last week, although it remains unclear who or what is behind the takedown.

The ransomware attack, which experts rate as one of the largest ransomware incidents in history, followed a series of attacks on other critical organizations around the world.

Hospitals, schools and government agencies were targeted during the COVID-19 pandemic, while ransomware attacks on the Colonial Pipeline and meat producer JBS USA temporarily disrupted critical supply chains in May. Both Colonial and JBS chose to pay the ransom to get their systems back up and running quickly.

The Biden The government has stepped up efforts to combat ransomware attacks and other cyber threats, including the signing of an executive order to strengthen federal cybersecurity by President Biden in May and putting together one Cross-agency federal working group to coordinate actions related to ransomware.

Biden also spoke to the Russian President about his concerns about ransomware attacks related to Russia Wladimir PutinVladimir Vladimirovich PutinUS and Germany reach agreement on controversial Russian pipeline Admission in Berlin, encouragement from Moscow and blackmailing Kiev: Biden and Nordstream 2 The Ukrainian President will meet with Biden at the White House in August MORE during their summit in Geneva last month, and Biden called Putin to speak about cybersecurity issues again earlier this month.

“I made it very clear to him that if a ransomware operation comes off its soil, even if it’s not state sponsored, the United States expects them to act if we give them enough information to act who that is. “Biden told reporters when asked about the phone call earlier this month.


Source link
#Kaseya #receives #keys #decrypt #systems #weeks #ransomware #attack

Leave a Reply