US: Between 800 to 1,500 companies affected by ransomware attack, says IT firm

Between 800 and 1,500 businesses across the globe have been affected by a ransomware attack centred on US IT firm Kaseya, its chief executive said on July 5. While speaking to Fox Business, Fred Voccola, the Florida-based company's CEO, said that it was hard to estimate the precise impact of Friday’s attack because those hit were mainly customers of Kaseya’s customers. He explained that less than 60 of its customers had been affected, but between 800 and 1,500 of those companies’ customers may have been reached. 

Kaseya is a company that provides software tools to IT outsourcing shops - companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments. One of those tools was subverted last week, allowing the hackers to paralyze hundreds of businesses on all five continents. According to reports, the disruption caused by the attack has been small concerns for most, but in Sweden, the attack caused hundreds of supermarkets to close because their cash registers were inoperative. In New Zealand, schools and kindergartens were also knocked offline. 

Hackers demand $70 million 

Hackers suspected to be behind the ransomware attack have demanded US$70 million to restore data they are holding, according to a posting on a dark website. The demand was posted on a blog typically used by the REvil cybercrime gang, a group of Russia-based hackers counted amongst the world’s most prolific extortionists. In the posting, REvil offered to release a global decryptor key in exchange for the said amount.

FBI has commenced a full-fledged investigation into the matter joining Cybersecurity and Infrastructure Security Agency and US federal agencies “to understand the scope of threat”. In addendum, they have also issued a warning for affected parties asking them to impose all the required mitigation measures. The White House, on the other hand, has said that it was reaching out to victims of the ransomware attack. 

On July 2, the Miami-based IT and security provider was hit by a colossal cyberattack by a group of Russian hackers called ‘REvil’. The attack not only affected over 200 businesses across America but also hit over 800 grocery stores in Sweden, all of which were indirectly linked to Kaseya. US President Joe Biden ordered a probe into the attacks, particularly to find out if the hackers were affiliated with Russia. Additional reports suggest that POTUS recently raised the threat in talks with Russian counterpart Vladimir Putin.

(Image: Unsplash)