Hundreds of US businesses hit by ‘colossal’ cyber-attack
The IndependentFor free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails Sign up to our free breaking news emails Sign up to our free breaking news emails SIGN UP I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy Nearly 200 businesses were hit on Friday by a “colossal” ransomware attack that targeted widely used software from Kaseya, a Miami-based supplier. The US government’s Cybersecurity and Infrastructure Security Agency said it is taking action to understand the recent supply-chain ransomware attack against Kaseya VSA The attackers changed a Kaseya tool called VSA, used by firms that manage technology at smaller businesses. “This is a colossal and devastating supply chain attack,” Huntress senior security researcher John Hammond said in an email, referring to an increasingly high profile hacker technique of hijacking one piece of software to compromise hundreds or thousands of users at a time. Hammond added that because Kaseya is plugged in to everything from large enterprises to small companies “it has the potential to spread to any size or scale business.” Many managed service providers use VSA, although their customers may not realise it, experts said.