Kaseya VSA Cyberattack: What Kaseya and the Feds Are Saying

Foley Hoag LLP - Security, Privacy and the Law
Contact

Foley Hoag LLP - Security, Privacy and the Law

If you aren’t following the ransomware attack on Kaseya’s VSA product and approximately 200 of its users, you should be.  Like many cyberattacks, this one came on the verge of a holiday weekend.  As the company itself notes, “Kaseya’s VSA product has unfortunately been the victim of a sophisticated cyberattack. Due to our teams’ fast response, we believe that this has been localized to a very small number of on-premises customers only. ”

The federal government has been spurred into action by the scale and severity of this attack (and the $70 million demand from the attackers):

Since Friday [July 2], the United States Government has been working across the interagency to assess the Kaseya ransomware incident and assist in the response. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have been working with Kaseya and coordinating to conduct outreach to impacted victims. Yesterday, President Biden directed the full resources of the government to investigate this incident. We extend our thanks to the cybersecurity professionals across the FBI, CISA, and the intelligence community for working around the clock to respond to this incident.

Kaseya’s own daily updates can be found here.

The White House “urge[s] anyone who believes their systems have been compromised in the Kaseya ransomware incident to immediately report to the Internet Crime Complaint Center at https://www.IC3.gov. The FBI and CISA will reach out to identified victims to provide assistance based upon an assessment of national risk. We also urge you to immediately follow the guidance from Kaseya including shutting down your VSA servers and implementing CISA’s and FBI’s mitigation techniques.”

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Foley Hoag LLP - Security, Privacy and the Law | Attorney Advertising

Written by:

Foley Hoag LLP - Security, Privacy and the Law
Contact
more
less

Foley Hoag LLP - Security, Privacy and the Law on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.