On July 3, IT management software provider Kaseya disclosed that they were the victim of a sophisticated cyberattack.
In response, the company quickly suspended SaaS operations and urged on-premises users to shut down their VSA servers, but not before up to 1,500 organizations in at least 17 countries were affected. Indicators of compromise and a ransom note identified the attackers as the ransomware-as-a-service gang REvil. As of Sunday, REvil was demanding a $70 million cryptocurrency payment in exchange for the decryption keys.
In addition to the detection, ExtraHop also issued an in-product Threat Briefing on the Kaseya VSA-based supply chain ransomware attack to help security and network personnel understand the situation and take action.
A network detection and response (NDR) tool such as ExtraHop Reveal(x) 360 can provide the visibility you need to monitor third parties and take back the upper hand from attackers who hope to exploit supply chain vulnerabilities.
Source : REvil Ransomware Attack and Supply Chain Risk | ExtraHop
https://www.extrahop.com/company/blog/2021/revil-ransomware-attack-and-supply-chain-risk/
Demo link : https://www.extrahop.com/demo/
#extrahop #Cyberattack #Cybersecurity #synnexmetrodata #synnexmetrodataindonesia #smi