U.S. Company Searches For Answers After Suspected Russian-Based Ransomware Attack

A U.S. IT provider that was been hit by a major ransomware attack on the eve of a long holiday weekend in the United States is scrambling to help its customers get their systems running again while it works with the U.S. government to determine the extent of the attack.
The Florida-based company said its CEO would be interviewed on U.S. television on July 4 regarding the incident, a sophisticated ransomware attack that cybersecurity experts believe was carried out by Russian criminal hackers. The gang known as REvil is suspected of hijacking Kaseya's desktop management software and pushing a malicious update that infected tech management providers serving thousands of business. Kaseya said it was working with the FBI and that only about 40 of its customers were impacted directly. But the ransomware could still be affecting many more companies that rely on Kaseya's clients. Kaseya issued an updated response late on July 3 in which it did not comment on how many customers were management providers that in turn would have spread the malicious software to others. It also did not say how much ransom had been demanded or whom the company suspects as the perpetrator.
Kaseya has "unfortunately been the victim of a sophisticated cyberattack," the statement said, adding that it believes the attack is limited to a "very small number of on-premises customers." It said all affected servers should remain offline until further instructions from Kaseya. The company said it would provide an update on July 4 about a patch that will be required before the servers can be restarted. It also said outside experts had advised that customers who receive communication from the attackers should not click on any links "as they may be weaponized." The FBI issued a statement saying it was investigating the matter in coordination with the U.S. Cybersecurity and Infrastructure Security Agency.

President Joe Biden said he has directed U.S. intelligence agencies to investigate who was behind the attack.
Biden, who raised the threat of cyberattacks in a summit last month with Russian President Vladimir Putin, added that he would know more on July 4 about whether the attack on Kaseya was "either with the knowledge of and-or a consequence of Russia." Huntress Labs, a security firm that was one of the first to sound the alarm, said thousands of small companies might have had files encrypted by the cybercriminals, who left electronic messages asking for ransom payments of thousands or millions of dollars. One of Sweden's biggest grocery chains, Coop, said its 800 stores were closed on July 3 because a remote tool used for its cash registers was impacted, meaning payments couldn't be taken. Swedish State Railways and a major local pharmacy chain were also affected. The Swedish news agency TT said Kaseya technology was used by the Swedish company Visma Esscom, which manages servers and devices for a number of Swedish businesses. Swedish Defense Minister Peter Hultqvist told Swedish Television that the attack was "very dangerous" and showed how businesses and state agencies needed to improve their preparedness. "In a different geopolitical situation, it may be government actors who attack us in this way in order to shut down society and create chaos," he said. Some experts speculated that the timing of attack immediately before the U.S. Independence Day holiday weekend, was aimed at spreading the ransomware while employees were away from their job.

With reporting by Reuters and AFP

Radio Free Europe

RFE/RL journalists report the news in 22 countries where a free press is banned by the government or not fully established, including Iran, Afghanistan, Pakistan, and Russia.

https://www.rferl.org/

Related news
Could Hong Kong's new immigration law ban residents from leaving? - DW News.

Could Hong Kong's new immigration law ban residents from leaving? - DW News.

A new amendment to Hong Kong's immigration law takes effect today. Critics say the change could give the government power to ban residents from leaving the city. Hong Kong’s administrators say the law, part of China's crackdown in Hong Kong, targe...

Ron DeSantis: Parents should decide on masking kids in school.

Ron DeSantis: Parents should decide on masking kids in school.

Florida Governor Ron DeSantis discusses his effort to protect his state's freedom on 'Unfiltered with Dan Bongino.' #FoxNews Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: FOX News Channel (FNC) is a 24-hour all-enc...

Wildfires rage across Europe fed by wind and soaring temperatures - DW News.

Wildfires rage across Europe fed by wind and soaring temperatures - DW News.

Wildfires are destroying huge swathes of territory around Europe. Finland has been battling its biggest forest fire in half a century. Heatwaves are also causing havoc further south. The worst blazes are raging in southern Turkey, where six people...

NIH director: Delta variant is a 'different virus,' could hit reset button.

NIH director: Delta variant is a 'different virus,' could hit reset button.

National Institutes of Health Director Dr. Francis Collins discusses new health guidance as the Delta coronavirus variant spreads across the U.S. #FoxNews #FoxNewsSunday Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live...

Bill Bennett on Dems push to extend eviction moratorium: 'This is all about control'.

Bill Bennett on Dems push to extend eviction moratorium: 'This is all about control'.

Former Education Secretary under Reagan Bill Bennett discusses progressives protesting against ending the eviction ban, arguing he's 'never seen anything like it.' Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: FOX ...

Rise in sexual violence against disabled women

Rise in sexual violence against disabled women

There are calls for police officers to receive more training in dealing with disabled abuse victims. It follows new figures showing sexual violence against disabled women in England and Wales has more than doubled in the past six years. Sky's Lisa...