Virginia Tech targeted in Kaseya security breach
On Friday, Virginia Tech spokesman Mark Owczarski informed local media that the university was affected by the series of global security breaches that crippled businesses throughout the world.
Several university units employed Kaseya – U.S.-based software company – that was breached in early July in a worldwide ransomware campaign.
According to Owczarski, the virus distributed across Kaseya software could have exposed students’ data to a security breach, however, the institution has not found any indication of such thing.
Back in early July, cybersecurity teams ran their skills to control the impact of one of the world’s biggest and most damaging ransomware attacks on record. The attack was rumored to have been linked to the notorious Russian cyber-gang, REvil.
Kaseya, an IT solutions developer for various institutions and companies, announced on July 2 that it has fallen victim to a security breach.
Throughout the breach, attackers carried out a supply chain ransomware attack by taking advantage of a vulnerability in Kaseya’s software against multiple MSP’s and their customers.
Kaseya’s CEO Fred Voccola announced in a statement that less than 0.1 percent of the company’s customers were entrapped in the breach.
Nevertheless, since the company’s clientele includes MSPs, this meant that a fraction of smaller businesses has been victimized by the incident.
In May, a previous attack took place where encrypted data was applied to attack the university’s server by blocking the campus’s ability to access student data.
Owczarski informed the newspaper that while hackers tried to take advantage of the software’s vulnerability on its server, there was no evidence of missing student data.
From its part, the university did not pay any ransom fee for the hackers in both attacks.
Issues resurfacing from the primal attack was resolved, but full system restoration is still underway to reestablish security on all campus computers from the last attack, which was more extensive.