Ransomware attack on publisher Kaseya threatens businesses around the world

After the recent ransomware attacks that shut down a major gas pipeline and a large meat processing company in the United States, a new attack this time targeted Kaseya, a publisher based in Miami, Florida (US) that provides technical management tools to customers worldwide.

Hundreds of businesses, including a railway company, a pharmacy chain and a supermarket chain in Sweden, were directly affected by the attack. But more companies, at least 36,000, were indirectly affected by the attack, with Kaseya advising all its customers not to connect to their servers on Friday and not yet giving them the green light.

On Sunday afternoon, the publisher announced that it would try to bring servers back online overnight in the UK, Europe and Asia, and then do the same in North America on Monday afternoon.

The Russian hacker group REvil . singled out

Kaseya made the detection tool available on Saturday evening to nearly 900 customers who requested it. It says it has not received any new reports of hacking since Saturday. The company cooperates with
FBI And the
US cyber security agency to investigate the attack.

The attack involves a Kaseya product called VSA, which, among other things, allows small and medium-sized businesses to remotely monitor their computer systems and automatically manage routine server maintenance and security updates. ” We are 100% sure how this happened and we fixed it said Fred Fukulla, CEO of Kaseya.

to me
The Wall Street JournalThe Russian hacker-linked REvil group responsible for the attack on JBS meat processor is believed to be related to the Kaseya attack. Supported analysis by security solutions editors
fisherman laboratories And the
Sophos Laboratories.

See also  Tourism: France expects 50 million foreign visitors this year

800 supermarkets closed in Sweden

While less than 40 customers have been directly affected by the cyber attack, some of these companies are service providers that provide IT tools to hundreds of companies. Coop, one of Sweden’s largest supermarket chains, has had to close at least 800 of its stores. Some of the victims received ransom requests of $5 million, according to reports
The New York Times.

Ransomware attacks, where hackers break into systems and demand ransom for networks and free data, are becoming an increasingly worrying phenomenon. In June, JBS, one of the largest meat producers in the United States, paid a ransom of $11 million. In May, Colonial Pipeline revealed that it was forced to shut down a major gas pipeline to the East Coast of the United States due to an attack and paid a $4.4 million ransom to hackers. But the Department of Justice later recovered part of that amount.


Article from CNET.com adapted from CNETFrance

Photo: James Martin/CNET

LEAVE A REPLY

Please enter your comment!
Please enter your name here