By Raphael Satter and Trevor Hunnicutt
WASHINGTON (Reuters) – The White House said Sunday it was reaching out to victims of a wide-ranging ransomware outbreak that targets a Florida-based information technology company and has impacted hundreds of companies around the world.
Miami-based Kaseya has said fewer than 60 of its clients have been “directly affected” by the attack.
But the full impact of the intrusion is still coming into focus, in part because the Kaseya software tool that cybercriminals took over is used by so-called managed service providers, outsourcing workshops that other companies use to handle their back-office work. IT office. how to install updates.
A cybersecurity executive said his company alone had seen 350 clients attacked.
The White House deputy national security adviser for cyber and emerging technology, Anne Neuberger, said in a statement that the FBI and the cyber arm of the Department of Homeland Security “will reach out to identified victims to provide assistance based on an assessment of the national risk “.
President Joe Biden said on Saturday that he ordered US intelligence agencies to investigate who was behind the ransomware attack.
Security firm Huntress Labs said on Friday that it believed the Russian-linked REvil ransomware gang was to blame for the latest outbreak. Last month, the FBI blamed the same group for paralyzing the meatpacker. JBS SA (OTC :).
Kaseya said Sunday that it has hired cybersecurity company FireEye (NASDAQ 🙂 Inc to help deal with the consequences of the breach.
“The two biggest regions we’ve looked at are the United States and Germany,” Ross McKerchar, director of information security at Sophos Group Plc, said of the impact of the latest ransomware.
Those affected included schools, small public sector agencies, travel and leisure organizations, credit unions and accountants,
The eruption of German casualties may be because a major supplier has been compromised. Germany’s federal cybersecurity watchdog said Sunday that an unidentified IT service provider dealing with several thousand customers has been affected.
In some cases, chain reactions fueled more widespread disruption.
The Swedish Coop supermarket chain had to close hundreds of stores on Saturday because its cash registers are run by Visma Esscom, which manages the servers of several Swedish companies and in turn uses Kaseya.
McKerchar said the wave of disruption was another illustration of how difficult it was for modest-sized companies to deal with increasingly well-funded cybercriminals.
“Small businesses are outgunned when it comes to cybersecurity,” he said.
Fusion Media or anyone involved with Fusion Media will not accept any responsibility for loss or damage as a result of reliance on information, including data, quotes, charts, and buy / sell signals contained on this website. Be fully informed about the risks and costs associated with trading the financial markets, it is one of the riskiest forms of investment possible.