Kaseya and REvil
Play • 46 min

The REvil ransomware gang's attack against the US software company Kaseya in 2021 is not only amongst the largest ransomware attacks of all time, but it's also one of the most intriguing. It involves the use of zero-day software vulnerabilities known only to a handful of people, a race between attackers trying to snare ransom payments and defenders developing a patch, and a secret operation that hacked back against the REvil hackers. And in the end, a rare action happened: Someone was actually arrested. This episode of The Ransomware Files also coincides with the release of new technical information from the Dutch Institute for Vulnerability Disclosure about the software vulnerabilities that were exploited by the ransomware gang. The information, which describes the vulnerabilities in Kaseya's Virtual Systems Administrator software, can be found on DIVD's website.

Speakers: Robert Cioffe, Founder, Progressive Computing; Frank Breedijk, Manager, CSIRT, DIVD; Victor Gevers, Chairman, DIVD; Jason Manar, Chief Information Security Officer, Kaseya; Jon DiMaggio, Chief Security Strategist, Analyst1; John Hammond, Senior Security Researcher, Huntress; Espen Johansen, Security Director, Visma Group; Adrian Stanila, Senior Information Security Researcher, Visma Group; George Zamfir, Security Analyst, Visma Group; Jeremy Kirk, Executive Editor, Information Security Media Group.

Sources and the transcript for this episode are here.

Production Coordinator: Rashmi Ramesh.

The Ransomware Files theme song by Chris Gilbert/© Ordinary Weirdos Records.

Music by Uppbeat and Podcastmusic.com.

Follow The Ransomware Files on Twitter: @ransomwarefiles

Follow The Ransomware Files on Instagram: @theransomwarefiles

More episodes
Clear search
Close search
Google apps
Main menu