Businesses around the globe are dealing with another big ransomware attack, linked to the Russia-connected REvil group that previously hacked meat processor JBS.
Catch up quick: The new attack exploits a flaw in software that middleware provider Kaseya supplied to customers, who are themselves companies that provide managed services to other businesses.
- It's affecting on the order of 1,500 companies, Kaseya said Monday evening.
- The attackers are said to be demanding $70 million in ransom. They are promising to provide a universal decrypter to all affected companies if they receive a lump sum, according to AP.
The big picture: This is a spectacularly successful example of a software supply chain attack — where hackers use vulnerability in a supplier's code to access all its customers' systems.
Yes, but: There's a strong case that managed services providers prevent more attacks than they cause, writes Bloomberg columnist Tim Culpan.
What they're saying:
- Crowdstrike co-founder and former CTO Dmitri Alperovitch: "This is without a doubt going to turn out to be the biggest, most destructive ransomware campaign that we've seen so far."
- U.S. Chamber of Commerce senior VP Christopher Roberti: "The U.S. government must take the fight to these foreign cybercriminal syndicates."
Go deeper: The ransomware pandemic
