“Kasaya has about 36,000 customers, those customers are IT departments, commercial, government, they’re also IT providers the majority of them. If they manage 20, 30, 40, 50 customers each, each one of those companies has 50 to 100 employees, you’re talking about 50 million people that could potentially be impacted here,” DeSutter adds.
Once ransomware viruses are installed on a computer they lock down data and hold it for ransom. Then the ransom note is typically found.
“They’re asking between $50,000 and $4 million, some reports say $8 million,” said DeSutter.
This is a strategically timed supply-chain attack on IT management software provider Kaseya. And it is being under-reported in the media due to the holiday.
Kaseya attack setting precedents
Demi Ben-Ari, Co-Founder & CTO of Tel Aviv-based security management company Panorays claims that this attack may be setting dangerous precedents.
“That means the viral distribution of this thing is going to be massive. What has been reported so far is that more than a thousand companies have been affected, including some chains, like Swedish grocery retailer Coop, which was forced to close more than 800 stores. Their systems are literally all down,” Ben-Ari says.