Ransomware is rampant these days. The latest in the long list of of attacks is the one on Kaseya, an PC management service provider, and it is notable because the incident not only affects Kaseya’s IT management customers, but also those companies’ corporate clients that have outsourced IT management to them. The attack is reminiscent of the SolarWinds security breach which is worrisome as the attackers seem to be targeting management platforms.
It appears that attackers have carried out a supply chain ransomware attack by leveraging a vulnerability in Kaseya’s VSA software against multiple managed service providers (MSP) — and their customers.
Kaseya on Tuesday said around 50 of its customers that use the on-premises version of VSA had been directly compromised by the attack — but it said as many as 1,500 downstream businesses around the world have been compromised.