According to the cybersecurity firm Huntress Labs Inc, a breach at the U.S. IT firm Kaseya in Miami led to more than thousands of American businesses hit by ransomware attacks.
What Happened: On Friday, the attackers changed a Kaseya tool called VSA, used by the company to provide IT services primarily to small- and medium-sized businesses, Reuters reported.
Huntress said that this is a colossal and devastating supply chain attack and the REvil ransomware gang was to blame for the attack. REvil, is among ransomware gangs that steal data from targets before activating the ransomware, strengthening their extortion efforts.
The ransomware attack potentially threatened the MSP customers by gaining access to their system. The security firm said that 20 MSPs had been affected thus far. The firm was tracking eight managed service providers used to infect some 200 clients.
SYNNEX Corporation SNX and Avtex LLC are the two major MSPs affected by this ransomware attack.
On its website, Kaseya has said that it was investigating the potential attack on VSA. The company has also shut down some of its infrastructures and has asked customers that used VSA on their premises to turn off their servers immediately.
The U.S. Cybersecurity and Infrastructure Security Agency said it was “taking action to understand and address the recent supply-chain ransomware attack” against Kaseya’s VSA product.
Why It Matters: Last month, President Joe Biden had proposed $750 million for the government agencies hit by the SolarWinds Corp SWI hack to pay for cybersecurity improvements to prevent the attack. An additional $500 million fund was proposed for a technology modernization fund.
An additional $110 million for the Cybersecurity and Infrastructure Security Agency and $15 million for the Office of the National Cyber Director were set aside.
According to the New York Times report, the chief executives of Wall Street’s six largest banks were asked to name the greatest threat to their companies, and they all mentioned “cybersecurity.”
In recent times, cyber attackers have gained a strong foothold because of increased nation-state cyberattacks against critical infrastructure.
According to the report, the federal government and financial institutions have formed information-sharing groups, performed tabletop exercises, and invested heavily in cybersecurity. JPMorgan Chase & Co. JPM spends about $600 million each year on cybersecurity efforts.
However, experts say there are significant gaps in awareness and preparation for a cyberattack on Wall Street.
Image by methodshop from Pixabay
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
