Kaseya, a Miami software supplier which helps technology service providers manage computer networks, knew in April about “a cybersecurity vulnerability” used in a massive ransomware attack last week, The Wall Street Journal (WSJ) reported, citing a Dutch security researcher group that discovered the issue.
The attack has impacted hundreds of organizations.
Kaseya was “told of a serious cybersecurity hole in its Kaseya VSA software on April 6,” according to WSJ, which reported Victor Gevers, chairman of the Dutch Institute for Vulnerability Disclosure, shared the information in a blog post Wednesday (July 7).
The flaw was one of seven vulnerabilities the institute reported to Kaseya, Gevers said, per WSJ. Kaseya has said multiple flaws triggered the massive attack, but the extent to which all the flaws were used wasn’t clear.
Gevers is no stranger to high-profile hacks. Last year, he hacked into then-President Donald Trump’s Twitter account by correctly guessing the password but convinced authorities he had done so ethically.
Five days after the ransomware attack began, Kaseya is still trying to patch its VSA software. An “unidentified issue” has blocked the release of a security update intended to address the ransomware attack, WSJ reported.
A Russian ransomware group known as REvil has claimed responsibility for the attack, which victimized hundreds of small- to medium-sized businesses (SMBs), according to WSJ. REvil asked for $70 million to unlock all the affected systems, but has also said victims can pay between $25,000 and $5 million directly to them.
Kaseya said Tuesday (July 6) that it was aware of fewer than 60 customers who were “directly compromised by this attack,” WSJ reported. In total, Kaseya said, the hack affected “fewer than 1,500 downstream businesses.”
Those affected were primarily customers of Kaseya’s customers.
White House press secretary Jen Psaki said there might be the chance of retaliatory attacks against possible Russian participators — although there were no specifics on what this might entail. President Joe Biden has said numerous times that he believes the Kremlin has responsibility in giving safe harbor to cybercriminals. He said the U.S. may have escaped serious damage in the attack.