About 200 companies in USA were hit by a “colossal” cyber attack type “ransomware” or cyber kidnapping, in which the systems are intervened by hackers until the affected individuals or companies pay to unblock them.

The cybersecurity company Huntress Labs claimed that the target of the attack was the information technology company Kaseya, based in Florida, and later spread to corporate networks using its software.

Kaseya posted a statement on her website stating that she was investigating the “potential attack.”

Huntress Labs stated that they believe that the criminal group of hackers known as REvil -which carries out these types of attacks for money and has ties to Russia- was responsible.

For its part, the US Cybersecurity and Infrastructure Agency, a federal entity, said in a statement that it was taking action to address the attack.

The cyber breach occurred on Friday afternoon, as businesses across the US were shutting down in anticipation of the long weekend of Independence Day.

Multiple hit

The two big concerns keeping cybersecurity professionals awake lately are cyber kidnappings and attacks on the supply chain, notes the BBC’s cyber analyst, Joe Tidy.

“This latest incident combines those two nightmares into a huge killjoy for hundreds of US IT teams on the Independence holiday weekend,” he writes.

According to the analyst, cyber kidnapping is the scourge of the internet. Multiple organized crime gangs constantly try to break into computer networks and take them hostage. The frequency of attacks is relentless, but it can take a lot of time and effort for criminal gangs to successfully infiltrate a victim’s computer system.

“In this latest incident, hackers demonstrated that by attacking the software vendor of multiple organizations they can catch dozens, maybe hundreds of victims in one hit,” he says.

“We have seen horrific attacks on supply chains in the past, but this one has the potential to be the biggest cyber kidnapping incident so far”.

Tidy adds that cyber kidnapping criminals are getting creative in how to have the biggest impact and be able to demand the most money to free the system.

“Colossal and devastating”

The Kaseya firm acknowledged that one of its applications that manages corporate servers, desktops and network devices may have been compromised in the attack.

The company said it was alerting its customers who use its VSA tool to immediately shut down your servers.

In its statement, Kaseya assured that a “small number” of companies had been affected, although Huntress Labs affirms that the number is more than 200.

It is not clear which companies were specifically affected and a Kaseya representative contacted by the BBC declined to give details.

The Kaseya website claims to be present in more than 10 countries and have more than 10,000 clients.

“This is a colossal and devastating supply network attack,” John Hammond, senior security researcher at Huntress Labs, said in an email to Reuters.

This Saturday, US President Joe Biden spoke out about the attack.

“The initial idea was that it was not the Russian government, but we are still not sure,” he said.

Biden also said that he had ordered US intelligence agencies to investigate, and that the United States will respond if they determine that Russia is responsible.

At a summit in Geneva last month, Biden told his Russian counterpart Vladimir Putin that he was the responsible for stopping these types of cyberattacks.

Biden stated that he had given Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking.

REvil -also know as Sodinkibi– is one of the most prolific and profitable cyber criminal groups in the world.

The gang was accused by the FBI of the hack in May that paralyzed the operations of JBS – the world’s largest meat supplier.

Sometimes the group threatens to post stolen documents on your website – known as the “Happy Blog” – if the victims do not comply with their demands.

REvil was also reported to be linked to a coordinated attack on more than 20 local governments in Texas in 2019.

Categorized in:

News

Tagged in:

, , , ,