Kaseya attack “hugely overstated” — CEO

The impact of the ransomware attack against IT firm Kaseya has been “hugely overstated”, according to company CEO Fred Voccola.

On 4 July, Kaseya was notified of irregular behaviour on its virtual systems/server administrator (VSA) system management product. In a video released by Kaseya, Vocolla says the company chose to shut the product down within an hour of being notified.

Vocolla said that the Kaseya platform comprises 27 separate modules and that the compromised system, VSA, is only one of those modules.

“The modular nature of Kasey’a security architecture prevented the attack from hindering any other modules than VSA,” Vocolla stated.

Kaseya’s VSA product is an IT management system used by approximately 37,000 managed service providers (MSPs) worldwide, who in turn provide IT services to between 800,000 and a million small businesses globally.

The biggest company to have reported the attack’s impact is the Swedish supermarket chain Coop, which has still not been able to open 800 of its stores due to the attack’s impact on its payment systems.

Russian hacking organization, REvil, claimed responsibility for the attack in a blog post on the dark web. The organisation demanded $70 million (almost R1 billion) in Bitcoin to release a fix for the attack.

According to Vocolla, 50 of their 37,000 customers were impacted by the attack. Of the 800,000 to 1 million customers serviced by Kaseya clients, the attack impacted an estimated 800 to 1,500 clients — a maximum of 0.19% of Kaseya’s global customers.

Voccola stated that “even the best defences in the world get scored upon”. He added that companies like Microsoft and Juniper have experienced security breaches and that “this kind of activity happens”.

“This breach has gotten incredible scrutiny from the press. All of a sudden, cybercrime and ransomware has become the topic of the day, and we’re caught in the middle of it. People make the impact of this larger than what it is.” the CEO stated.

The company currently has hundreds of its employees dedicated to the recovery of VSA, from technical reparation to customer support.

Voccolla did not specify when the breached system will be back online, stating that it will be “within the coming hours or days”.

Now read: South African firms hit by ransomware attack — and hackers want R1 billion

Latest news

Partner Content

Show comments


Share this article
Kaseya attack “hugely overstated” — CEO