Kaseya asks customers to sign a non-disclosure agreement to obtain a ransomware decryptor

Picture of an article titled Kaseya is asking its customers to sign non-disclosure agreements to obtain ransomware decryption keys

Photo: Jack Gates/AFP (Getty Images)

Kaseya asks customers affected by this Large-scale REvil ransomware attack Signing a non-disclosure agreement to obtain the decryption key may make the incident even more mysterious. Although the decryption key will undoubtedly bring relief to some victims, others say its impact is minimal.

a new one CNN report The announcement on Friday disclosed a confidentiality agreement and cited several cybersecurity experts who worked with the attack victims. The media pointed out that these protocols are not uncommon in the network security industry, but they may make it more difficult for people to understand how attacks occur.Revelation is Kaseya’s latest step Tight-lipped response Since it was announced on Thursday that it has obtained a “universal decryptor” from a “trusted third party”.

It is unclear where Kaseya obtained the decryptor and whether it paid an exciting fee $70 million in ransom In early July, the REvil cybercrime group requested a common key for approximately 1,500 victims worldwide.A few days after claiming the attack, the REvil group added another twist to the legend Disappeared From the network.

The company declined to comment on whether it paid for the keys in a statement to Gizmodo on Friday. However, some experts said that after the Biden government puts pressure on it, the Russian government may hand over the keys to Caseya. Others claimed that Kaseya might have paid REvil’s ransom long ago, after which the criminals went into hiding.

Cybersecurity experts who spoke to CNN pointed out that when Kaseya announced that it had obtained a universal decryptor, some customers were frustrated because they had spent time and resources trying to restore the system on their own, although the success was mixed. The news about the decryptor came three weeks after the attack.

Andrew Kaiser, vice president of sales at Huntress Labs, told the media that a service provider that was attacked by REvil spent thousands of hours trying to recover. If they knew that Kaseya was working to obtain a decryptor, they would make a different decision.

“I talked to a service provider yesterday,” Caesars told CNN, “He said,’Hey listen, we are a company of 10 to 20 people. We have spent more than 2,500 man-hours throughout the business to fix this problem If we knew it was possible to get this decryptor a week or 10 days ago, we would make a very different decision. Now, we only have 10 or 20 systems that can benefit from it.’”

Gizmodo contacted Kaseya on Saturday to ask if the client is required to sign a non-disclosure agreement. We also asked Kaseya whether they expressed frustration with the victim’s news about the universal decryptor. In an email response, the company said it would not comment.


Leave a Reply

Your email address will not be published. Required fields are marked *