A ransomware attack on a US IT company potentially targeted 1,000 businesses, researchers said on Saturday, with one of Sweden’s biggest supermarket chains revealing it had to temporarily close about 800 stores after losing access to its checkouts.
Kaseya on Friday evening said that it had limited the attack to “a very small percentage of our customers” who use its signature VSA software — “currently estimated at fewer than 40 worldwide.”
However, cybersecurity firm Huntress Labs said in a Reddit forum that it was working with partners targeted in the attack, and that the software was manipulated “to encrypt more than 1,000 companies.”
Russian-based hackers have been blamed for a string of ransomware attacks, and US President Joe Biden has raised the threat in talks with Russian President Vladimir Putin.
Biden on Saturday ordered a full investigation, while adding that “the initial thinking was it was not the Russian government, but we’re not sure yet.”
Brett Callow, an analyst for cybersecurity company Emsisoft, said that it remained unknown how many companies were affected and that the scale of attack could be “without precedent.”
Ransomware attacks typically involve locking away data in systems using encryption, making companies pay to regain access.
Kaseya describes itself as a leading provider of IT and security management services to small and medium-sized businesses.
VSA, the company’s flagship offering, is designed to let companies manage networks of computers and printers from a single point.
“One of our subcontractors was hit by a digital attack, and that’s why our checkouts aren’t working any more,” Coop Sweden, which accounts for about 20 percent of the country’s supermarket sector, said in a statement.
“We regret the situation and will do all we can to reopen swiftly,” the cooperative added.
Coop Sweden did not name the subcontractor or reveal the hacking method used against it.
However, the Swedish subsidiary of the Visma software group said the problem was linked to the Kaseya attack.
Kaseya became aware of a possible incident with VSA at midday on Friday on the US east coast and “immediately shut down” its servers as a “precautionary measure,” it said.
It also “notified our on-premises customers via email, in-product notes, and phone to shut down their VSA servers to prevent them from being compromised.”
SOURCE IDENTIFIED
“We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it,” the company said in a statement.
According to the New Zealand government’s Computer Emergency Response Team, the attackers were from a hacking group known as REvil.
REvil was also, according to the FBI, behind last month’s attack on JBS, one of the world’s biggest meat processors, which ended with the Brazil-based company paying bitcoin worth US$11 million to the hackers.
The US Cybersecurity and Infrastructure Security Agency said that it was “taking action to understand and address the recent supply-chain ransomware attack” against Kaseya VSA and the service providers using its software.
“This is one of the largest, most widespread ransomware attacks I’ve seen in my career,” said Alfred Saikali of law firm Shook, Hardy & Bacon.
“I have never seen this many companies hire us in a single day for the same incident. As a general rule, you want to avoid paying the ransom at all costs,” he said.
THE ‘MONSTER’: The Philippines on Saturday sent a vessel to confront a 12,000-tonne Chinese ship that had entered its exclusive economic zone The Philippines yesterday said it deployed a coast guard ship to challenge Chinese patrol boats attempting to “alter the existing status quo” of the disputed South China Sea. Philippine Coast Guard spokesman Commodore Jay Tarriela said Chinese patrol ships had this year come as close as 60 nautical miles (111km) west of the main Philippine island of Luzon. “Their goal is to normalize such deployments, and if these actions go unnoticed and unchallenged, it will enable them to alter the existing status quo,” he said in a statement. He later told reporters that Manila had deployed a coast guard ship to the area
RISING TENSIONS: The nations’ three leaders discussed China’s ‘dangerous and unlawful behavior in the South China Sea,’ and agreed on the importance of continued coordination Japan, the Philippines and the US vowed to further deepen cooperation under a trilateral arrangement in the face of rising tensions in Asia’s waters, the three nations said following a call among their leaders. Japanese Prime Minister Shigeru Ishiba, Philippine President Ferdinand Marcos Jr and outgoing US President Joe Biden met via videoconference on Monday morning. Marcos’ communications office said the leaders “agreed to enhance and deepen economic, maritime and technology cooperation.” The call followed a first-of-its-kind summit meeting of Marcos, Biden and then-Japanese prime minister Fumio Kishida in Washington in April last year that led to a vow to uphold international
US president-elect Donald Trump is not typically known for his calm or reserve, but in a craftsman’s workshop in rural China he sits in divine contemplation. Cross-legged with his eyes half-closed in a pose evoking the Buddha, this porcelain version of the divisive US leader-in-waiting is the work of designer and sculptor Hong Jinshi (洪金世). The Zen-like figures — which Hong sells for between 999 and 20,000 yuan (US$136 to US$2,728) depending on their size — first went viral in 2021 on the e-commerce platform Taobao, attracting national headlines. Ahead of the real-estate magnate’s inauguration for a second term on Monday next week,
‘PLAINLY ERRONEOUS’: The justice department appealed a Trump-appointed judge’s blocking of the release of a report into election interference by the incoming president US Special Counsel Jack Smith, who led the federal cases against US president-elect Donald Trump on charges of trying to overturn his 2020 election defeat and mishandling of classified documents, has resigned after submitting his investigative report on Trump, an expected move that came amid legal wrangling over how much of that document can be made public in the days ahead. The US Department of Justice disclosed Smith’s departure in a footnote of a court filing on Saturday, saying he had resigned one day earlier. The resignation, 10 days before Trump is inaugurated, follows the conclusion of two unsuccessful criminal prosecutions
RSS