- BBC News World
About 200 companies in the United States have been hit by a “massive” type of “ransomware” or hijacking, in which hackers step into systems until the affected individuals or companies pay to unblock them.
Cybersecurity firm Huntress Labs claimed that the target of the attack was an IT company QaisiyaBased in Florida, it later spread to corporate networks using its software.
Qassieh issued a statement on her website saying she was investigating the “potential attack.”
Huntress Labs reported that they think so The criminal group of hackers known as REvil – who carries out these kinds of attacks for money and has ties to Russia – was responsible.
For its part, the US Cybersecurity and Infrastructure Agency, a federal entity, said in a statement that it was taking measures to counter the attack.
The cyber hack appeared on Friday afternoon, as businesses across the US were closing their doors in anticipation of the long Independence Day weekend.
The two main concerns keeping cybersecurity professionals awake lately are online hijackings and attacks on the supply chain, as the BBC cyber analyst notes, Joe Teddy.
He writes, “This latest incident combines these two nightmares into tremendous fun for hundreds of American computer teams on Independence Day weekend.”
According to the analyst, cyber hijacking is the scourge of the Internet. Multiple organized crime gangs are constantly trying to break into computer networks and take them hostage. The frequency of the attacks is relentless, but it can take a lot of time and effort for criminal gangs to successfully infiltrate the victim’s computer system.
“In this latest incident, hackers have shown that by attacking software vendors in many organizations, they can capture dozens, possibly hundreds of victims in one fell swoop,” he says.
“We have seen horrific attacks on supply chains in the past, but these attacks can also be The biggest cyber hijacking incident so far“.
Tidy adds that cyber-kidnapping criminals are getting creative about how to make the most impact and being able to demand the most money to free the system.
‘Colossal and devastating’
Kaseya has acknowledged that one of its applications that manages corporate servers, desktop computers, and network devices may have been compromised in the attack.
The company said it is alerting its customers who use the VSA tool to Shut down your servers immediately.
In her statement, Kaseya confirmed that “a small number” of companies were affected, although Huntress Labs maintains that the number is more than 200.
It is not clear which companies were affected specifically and a representative for Cassius contacted by the BBC declined to give details.
Kaseya claims to be present in more than 10 countries and has more than 10,000 customers.
“This is a massive and devastating attack on the supply network,” John Hammond, chief security researcher at Huntress Labs, said in an email to Reuters.
At a summit meeting in Geneva last month, US President Joe Biden told his Russian counterpart Vladimir Putin that he was Responsible for stopping these types of cyber attacks.
Biden stated that he gave Putin a list of 16 vital sectors of infrastructure, from energy to water, that should not be vulnerable to piracy.
REvil – also known as Sodinkibi – is one of the world’s most prolific and lucrative cyber criminal groups.
The gang was accused by the FBI of the hack in May that paralyzed the operations of GPS, the world’s largest meat supplier.
Sometimes the group Threatens to post stolen documents on your website – Known as the “happy blog” – if the victims did not comply with their demands.
REvil was also reported to have been linked to a coordinated attack on more than 20 Texas local governments in 2019.
You can now receive notifications from BBC Mundo. Download and activate the new version of our app so you don’t miss our best content.