Kaseya, a software company that provides services to more than 40,000 organizations around the world, said on Friday it was investigating the possibility that it was the victim of a cyber attack.
The company urged customers who use its systems management platform, called VSA, to shut down their servers immediately to avoid the possibility of being compromised by attackers.
“We are facing a potential VSA attack that has been limited to a small number of on-premise customers only,” the company said on its website, referring to organizations that keep their software on their own sites rather than host them with a cloud provider. “We are investigating the root cause of the incident with the utmost vigilance. “
Kaseya did not respond to a request for comment.
John Hammond, a researcher at cybersecurity firm Huntress Labs, said at least eight companies that provide security or technology tools to hundreds of other small businesses may have been “compromised” by the Kaseya attack. He added that REvil, a group of Russian cybercriminals that the FBI said was behind the hack of the world’s largest meat processor, JBS, in May, was most likely to be to blame.