For 21 years, the software company Kaseya
labored in relative obscurity — at least until
cybercriminals exploited it in early July for
a massive ransomware attack that snarled
businesses around the world and escalated U.S.-
Russia diplomatic tensions.
But it turns out that the recent hack wasn’t the
first major cybersecurity problem to hit the Miami-
based company and its core product, which IT
teams use to remotely monitor and administer
workplace computer systems and other devices.
“It feels a little like déjà vu,” said Allie Mellen, a
security analyst at Forrester Research.
In 2018, for instance, hackers managed
to infiltrate Kaseya’s tool in 2018 to run a
“cryptojacking” operation, which channels
the power of afflicted computers to mine
cryptocurrency — often without its victims
noticing. It was a less harmful breach than
the recent ransomware attack, which was
impossible to miss since it crippled affected