Following recent ransomware attacks that brought down a major gas pipeline and a major meat producer in the US, a new assault has emerged, this time hitting a Miami-based company that provides technology management tools to organizations all over the world. the world. Hundreds of companies, including a railway chain, pharmacies and supermarkets in Sweden, have been affected by the attack on the software company Kaseya, which alerts posted to your site Friday and Saturday.
“Our outside experts have warned us that customers who experienced ransomware and receive communications from attackers should not click on any links as they may be armed,” the company said in its most recent alert, adding that it is working with the FBI. . to deal with the cyberattack.
The attack involves a Kaseya product called VSA, which, among other things, enables small and medium-sized businesses to control their IT systems remotely and automatically take care of routine server maintenance and security updates.
Less than 40 customers were affected by the cyberattack, the CEO of the company said The New York Times, but some of them are managed service providers, which can supply IT tools to hundreds of companies. The Times said that one of Sweden’s largest supermarket chains, Coop, had to close at least 800 of its stores due to the attack. Kaseya says more than 40,000 organizations worldwide use at least one of their products, but not necessarily the VSA offering.
Ransomware attacks, in which hackers breach systems and withhold networks and data for ransom, have become an increasingly alarming phenomenon. Last month,in an attack that temporarily put its processing plants out of service. And in may carrying gas to the densely populated east coast of the United States due to an attack. , although the . Some of the victims of the Kaseya VSA attack were receiving demands for $ 5 million in ransom, the Times reported.
Apart from the financial impact, these attacks, which have also affectedother , have expressed concern about the vulnerability of critical infrastructure. Shortly after the Colonial Pipeline attack was revealed, US President Joe Biden signed a . The Biden administration also said it planned to launch a task force aimed at cracking down on hackers using ransomware.
And at Biden’s summit last month with Russian President Vladimir Putin, one of the main topics of discussion was cyberattacks on critical infrastructure, whether launched by nation-states or gangs of hackers within their borders.
Both Kaseya and the United States Infrastructure and Cybersecurity Agency advised customers running VSA software on their servers to shut down those servers. When asked for additional information about the VSA attack, Kaseya said she was sharing her latest updates on her website and via social media. The Wall Street Journal reported that REvil, the same hacking group behind the attack on meat producer JBS, responsible for the VSA cyberattack.