FBI says 'scale' of Kaseya ransomware attack won't allow to work with every victim

Federal Bureau of Investigation (FBI), on Sunday, cautioned that the “scale” of a ransomware attack on US IT company Kaseya would mean investigators would not be able to work with every victim individually. On July 2, the Miami based IT and security provider was hit by the colossal cyberattack by a group of Russian hackers called ‘REvil’. The attack not only affected over 200 businesses across America but also hit over 800 grocery stores in Sweden, all of which were indirectly linked to Kaseya.  

Now, a discreet report disclosed that the attack could have targeted as many as 1,000 businesses on Friday, just before long holiday July 4 weekend in the United States. FBI has commenced a full-fledged investigation into the matter joining Cybersecurity and Infrastructure Security Agency and US federal agencies “to understand the scope of threat”. In addendum, they have also issued a warning for affected parties asking them to impose all the required mitigation measures.

"If you believe your systems have been compromised, we encourage you to employ all recommended mitigations, follow Kaseya's guidance to shut down your VSA servers immediately and report to the FBI," the bureau said in a statement Sunday, referencing the signature networking software that was attacked.

"Although the scale of this incident may make it so that we are unable to respond to each victim individually, all information we receive will be useful in countering this threat," the FBI statement said.

President Joe Biden ordered a probe into the attacks, particularly to find out if the hackers were affiliated to Russia. Additional reports suggest that POTUS recently raised the threat in talks with Russian counterpart Vladimir Putin.

Kaseya attacked

On July 2, a computing network management tool by Kesaya, a Florida based IT Firm was targeted into a fresh series of cyber-attacks. Kaseya describes itself as a leading provider of IT and security management services to small- and medium-sized businesses, meaning an attack would make them targets going into the Independence Day holiday weekend in the United States. "We are in the process of investigating the root cause of the incident with an abundance of caution but we recommend that you immediately shut down your VSA server until you receive further notice from us," Kaseya said in a message shared on social media. "

Image: AP/Unsplash