On Friday 2nd July 2021, a sophisticated supply-chain Ransomware attack by the Russian-linked group REvil hit a widely used technology management software from a Miami-based supplier called Kaseya. This is a statement from Nimbus Blue on the attack for the benefit of our customers.
Kaseya Hack Statement
On Friday 2nd July, a sophisticated supply-chain Ransomware attack by the Russian-linked group REvil hit a widely used technology management software from a Miami-based supplier called Kaseya. The knock-on effects have taken down IT systems of Swedish grocery stores, New Zealand schools and two Dutch tech firms – and it’s understood as of this morning that up to 1 million businesses across 17 countries are affected in what is believed to be the largest and one of the most sophisticated ransomware attacks ever.
The attackers used a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously. Nimbus Blue do not use the Kayesa VSA tool and have scanned all managed systems for traces of previous agent installs.
REvil, which was behind the recent hack of meat processor JBS back in June, which saw an $11million ransom paid, was negotiating individual ransoms of up to $5million – but said for $70million it would unlock all affected networks.
According to the FBI, there has been a 400% increase in reports of cyberattacks since the outset of the COVID-19 pandemic, and ransomware attacks are increasingly targeting SMBs.
As part of Nimbus Blue’s commitment to information security, we currently hold ISO 27001 (Information Security Management) certification and are currently working towards Cyber Essentials Plus certification, a UK government-backed framework supported by the NCSC (National Cyber Security Centre). This includes a technical audit of systems along with an external vulnerability assessment, an internal scan, and an on-site assessment by an independent third party.
The events of the weekend are yet another stark reminder that in today’s age all businesses are constantly at threat from bad actors and hackers, and the threat of Ransomware is higher now than it ever has been before.
If you would like to discuss any aspect of security, or arrange a security review of your systems, then please do not hesitate to get in contact with us.