In the United States, 1,000 companies targeted by a cyberattack, according to a specialized firm


This large-scale attack targeted management software common to the various companies. An investigation is underway to find “the source of the problem”.

Around 1,000 companies around the world are the target of a cyberattack with a ransom note via management software from the American company Kaseya, the computer security company Huntress Labs said on Friday. With the first direct consequence of closing 800 stores in Sweden.

We are investigating a potential attack on the VSA (software) which appears to have been limited to a small number of our on-site customers only.“Kaseya said on her website, specifying that she had closed”out of prudence»Some servers. The group, which says “be investigating the source of the problem», Also asked all its customers running its software on site to close the servers hosting this software.

To see also – Before his meeting with Joe Biden, Vladimir Putin denies the existence of Russian cyberattacks against the United States

Ransomware

The US Agency for Cybersecurity and Infrastructure Security (CISA) has indicated on its own website that it is in the process of taking action “to understand and resolve the recent ransomware attackAgainst Kaseya’s VSA software and the multiple IT management service providers who use this software. She there “encourages businesses to follow Kaseya’s advice, including immediately following their process for shutting down serversRelated to the software.

Ransomware, or “ransomware», Exploits security holes in a company or an individual to encrypt and block their computer systems, demanding a ransom to unlock them. According to Huntress Labs, “around 1000 companies have been encrypted», Without the group specifying the size or nature of these targeted companies. “Based on the computer models, ransomware notes and TOR URL (internet address used), we firmly believe“That an affiliate of the hacker group known as Revel or Sodinokibi”is at the origin of these intrusionsHuntress Labs said in a message posted to the Reddit forum.

The FBI had at the beginning of June attributed to this group the computer attack against the global meat giant JBS which had paralyzed its activities in North America and Australia for several days. The United States has been hit in recent months by a wave of ransomware cyber attacks affecting large companies like JBS and the oil pipeline operator Colonial Pipeline, as well as local communities and hospitals. Many of these attacks are attributed to Russian-based hacker groups operating at least with the tacit approval of the Kremlin.

.

Leave a Reply

Your email address will not be published. Required fields are marked *