Kaseya agent what is
One of the significant aspects of the Kaseya attack is that the perpetrators fed their ransomware to multiple MSPs. It was, in many ways, a remarkably revolutionary attack.
![kaseya agent what is kaseya agent what is](https://community.sophos.com/cfs-file/__key/communityserver-wikis-components-files/00-00-00-00-12/pastedimage1585588653899v7.png)
While the situation is still evolving, it is likely that the Kaseya ransomware attack will have a major impact on cybersecurity going forward. How the Kaseya Ransomware Attack Changes Everything Many of the companies affected are small firms, although the attack completely shut down the Swedish Coop supermarket chain by crashing all their cash registers. Kaseya officials believe that the attack has affected 30 MSPs and somewhere between 800 and 1,500 businesses worldwide. And the attackers, believed to be the Russian-based REvil criminal group, issued their ransomware demands – a total of $70 million in Bitcoin to restore the encrypted data at all affected businesses. This ransomware then encrypted the files of hundreds of businesses.
#KASEYA AGENT WHAT IS UPDATE#
They then uploaded a malicious payload – a fake management agent update dubbed “Kaseya VSA Agent Hot-fix” – and pushed it to multiple MSP client systems. This enabled the attackers to evade the software’s normal authentication controls and open an authenticated session. The attack appeared to exploit a zero-day vulnerability to trigger an authentication bypass vulnerability in the VSA software’s web interface. The attack was targeted at multiple MSPs and their many customers. The FBI, in an official notice, described what happened as a “supply chain ransomware attack” that leveraged a vulnerability in Kaseya’s KSA software.
#KASEYA AGENT WHAT IS SOFTWARE#
It’s estimated that Kaseya’s software is used by more than 40,000 organizations worldwide, although its MSP tools influence an even larger global software supply chain. One of its most popular tools is VSA, which automated remote monitoring and management tasks for networks and endpoints. The company provides various software tools for use by managed service providers (MSPs) and other enterprises.
![kaseya agent what is kaseya agent what is](https://www.file.net/img/screenshot/taskman-agentmon-exe.png)
![kaseya agent what is kaseya agent what is](https://img.yumpu.com/36605537/1/500x640/agent-configuration-and-deployment-kaseya-documentation.jpg)
The company employs about 1,300 people and generates around $360 million in annual revenue. It has a presence in ten different countries, including U.S. Kaseya is a privately-held software company based in Dublin, Ireland. What exactly was the Kaseya ransomware attack – and how did it affect so many different businesses? Some background is in order. The Kaseya attack ultimately affected thousands of businesses around the world that use Kaseya’s software solutions and promises to change how we deal with similar cyberattacks in the future. On July 2, 2021, the IT solutions provider Kaseya announced that it had become the victim of a massive ransomware attack.