Kaseya, a software company that provides services to more than 40,000 organizations around the world, said on Friday that it was investigating the possibility that it had been the victim of a cyberattack.
The company urged customers that use its systems management platform, called VSA, to immediately shut down their servers to avoid the possibility of being compromised by attackers.
We are experiencing a potential attack against the VSA that has been limited to a small number of on-premise customers only, the company posted on its website, referring to organizations that keep their software at their own sites rather than housing it with a cloud provider. We are in the process of investigating the root cause of the incident with the utmost vigilance.
Kaseya did not respond to a request for comment.
John Hammond, a researcher at the cybersecurity company Huntress Labs, said that at least eight companies that provide security or technology tools for hundreds of other small businesses might have been compromised by the Kaseya attack. He added that REvil, a Russian cybercriminal group that the F.B.I. said was behind the hacking of the worlds largest meat processor, JBS, in May, was most likely to blame.
At least eight companies have been affected, and some were asked for $5 million in ransom. Russian criminals may be behind it, security researchers said.
