A ransomware attack on a US IT company potentially targeted 1,000 businesses, researchers said on Saturday, with one of Sweden’s biggest supermarket chains revealing it had to temporarily close about 800 stores after losing access to its checkouts.
Kaseya on Friday evening said that it had limited the attack to “a very small percentage of our customers” who use its signature VSA software — “currently estimated at fewer than 40 worldwide.”
However, cybersecurity firm Huntress Labs said in a Reddit forum that it was working with partners targeted in the attack, and that the software was manipulated “to encrypt more than 1,000 companies.”
Russian-based hackers have been blamed for a string of ransomware attacks, and US President Joe Biden has raised the threat in talks with Russian President Vladimir Putin.
Biden on Saturday ordered a full investigation, while adding that “the initial thinking was it was not the Russian government, but we’re not sure yet.”
Brett Callow, an analyst for cybersecurity company Emsisoft, said that it remained unknown how many companies were affected and that the scale of attack could be “without precedent.”
Ransomware attacks typically involve locking away data in systems using encryption, making companies pay to regain access.
Kaseya describes itself as a leading provider of IT and security management services to small and medium-sized businesses.
VSA, the company’s flagship offering, is designed to let companies manage networks of computers and printers from a single point.
“One of our subcontractors was hit by a digital attack, and that’s why our checkouts aren’t working any more,” Coop Sweden, which accounts for about 20 percent of the country’s supermarket sector, said in a statement.
“We regret the situation and will do all we can to reopen swiftly,” the cooperative added.
Coop Sweden did not name the subcontractor or reveal the hacking method used against it.
However, the Swedish subsidiary of the Visma software group said the problem was linked to the Kaseya attack.
Kaseya became aware of a possible incident with VSA at midday on Friday on the US east coast and “immediately shut down” its servers as a “precautionary measure,” it said.
It also “notified our on-premises customers via email, in-product notes, and phone to shut down their VSA servers to prevent them from being compromised.”
SOURCE IDENTIFIED
“We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it,” the company said in a statement.
According to the New Zealand government’s Computer Emergency Response Team, the attackers were from a hacking group known as REvil.
REvil was also, according to the FBI, behind last month’s attack on JBS, one of the world’s biggest meat processors, which ended with the Brazil-based company paying bitcoin worth US$11 million to the hackers.
The US Cybersecurity and Infrastructure Security Agency said that it was “taking action to understand and address the recent supply-chain ransomware attack” against Kaseya VSA and the service providers using its software.
“This is one of the largest, most widespread ransomware attacks I’ve seen in my career,” said Alfred Saikali of law firm Shook, Hardy & Bacon.
“I have never seen this many companies hire us in a single day for the same incident. As a general rule, you want to avoid paying the ransom at all costs,” he said.
DOUBLE-MURDER CASE: The officer told the dispatcher he would check the locations of the callers, but instead headed to a pizzeria, remaining there for about an hour A New Jersey officer has been charged with misconduct after prosecutors said he did not quickly respond to and properly investigate reports of a shooting that turned out to be a double murder, instead allegedly stopping at an ATM and pizzeria. Franklin Township Police Sergeant Kevin Bollaro was the on-duty officer on the evening of Aug. 1, when police received 911 calls reporting gunshots and screaming in Pittstown, about 96km from Manhattan in central New Jersey, Hunterdon County Prosecutor Renee Robeson’s office said. However, rather than responding immediately, prosecutors said GPS data and surveillance video showed Bollaro drove about 3km
‘MOTHER’ OF THAILAND: In her glamorous heyday in the 1960s, former Thai queen Sirikit mingled with US presidents and superstars such as Elvis Presley The year-long funeral ceremony of former Thai queen Sirikit started yesterday, with grieving royalists set to salute the procession bringing her body to lie in state at Bangkok’s Grand Palace. Members of the royal family are venerated in Thailand, treated by many as semi-divine figures, and lavished with glowing media coverage and gold-adorned portraits hanging in public spaces and private homes nationwide. Sirikit, the mother of Thai King Vajiralongkorn and widow of the nation’s longest-reigning monarch, died late on Friday at the age of 93. Black-and-white tributes to the royal matriarch are being beamed onto towering digital advertizing billboards, on
Tens of thousands of people on Saturday took to the streets of Spain’s eastern city of Valencia to mark the first anniversary of floods that killed 229 people and to denounce the handling of the disaster. Demonstrators, many carrying photos of the victims, called on regional government head Carlos Mazon to resign over what they said was the slow response to one of Europe’s deadliest natural disasters in decades. “People are still really angry,” said Rosa Cerros, a 42-year-old government worker who took part with her husband and two young daughters. “Why weren’t people evacuated? Its incomprehensible,” she said. Mazon’s
POWER ABUSE WORRY: Some people warned that the broad language of the treaty could lead to overreach by authorities and enable the repression of government critics Countries signed their first UN treaty targeting cybercrime in Hanoi yesterday, despite opposition from an unlikely band of tech companies and rights groups warning of expanded state surveillance. The new global legal framework aims to bolster international cooperation to fight digital crimes, from child pornography to transnational cyberscams and money laundering. More than 60 countries signed the declaration, which means it would go into force once ratified by those states. UN Secretary-General Antonio Guterres described the signing as an “important milestone,” and that it was “only the beginning.” “Every day, sophisticated scams destroy families, steal migrants and drain billions of dollars from our economy...
RSS