A cyberattack on the United States IT firm Kaseya may have affected more than a thousand companies, according to experts. Kaseya's software had been manipulated by extortion software "to encrypt data of more than a thousand companies," Huntress Labs, a consulting firm specializing in cybersecurity, said Saturday. Among those affected was Swedish supermarket chain Coop, which had to temporarily close 800 stores due to malfunctioning cash registers.
The cyberattack occurred ahead of the Independence Day weekend celebrations in the US. IT company Kaseya had confirmed the cyberattack on Friday, assuring that the attack had been contained, affecting only a "very small percentage" of customers who used Kaseya's so-called VSA network. This was "estimated to be less than 40 worldwide," it said.
In ransomware attacks, hackers lock or encrypt their victims' computer systems to extort a ransom (ransom in English) from users for their release.Kaseya says it is a leading provider of information technology and IT security for small and medium-sized businesses. Through its VSA software, companies can control all their computers and printers from a single workstation. Kaseya's U.S. headquarters is in Florida, and its international headquarters is in Ireland.
U.S. President Joe Biden responded evasively Saturday to questions about Russia's possible responsibility. "The initial thinking was that it wasn't the Russian government, but we're not sure yet," Biden said at an appearance in Central Lake, Michigan. He said he has tasked intelligence agencies with an investigation into the incident. The United States has repeatedly blamed Russia for hacking attacks. Russia has always denied this.Recently, there have been several cyberattacks on US companies. In May, the Colonial oil pipeline in the U.S. and the U.S. subsidiary of the world's largest meat producer JBS fell victim to cyberattacks with ransomware. Last year, hackers gained access to the systems of ministries, government agencies and companies via software from the American IT company SolarWinds.
According to the New Zealand government's computer emergency response team, a hacker group called REvil was behind the cyberattack on Kaseya. According to the U.S. Federal Bureau of Investigation, REvil was also responsible for the cyberattack on JBS.The UN Security Council held its first-ever meeting this week on cybersecurity and the growing threat to countries' infrastructure from hacker attacks.
Image by Gerd Altmann