Network company Kaseya has suffered a ransomware cyberattack that has affected an estimated 1,500 businesses.
The attack, which took place on Friday (July 2), was reportedly carried out by Russian hacking group REvil, which typically encrypts victims’ files before making ransom demands to unlock them.
The group said it wanted a $70 million (£51 million) payment to release the files “in less than an hour.” Fred Voccola, CEO of Kaseya, admitted that it was difficult to determine exactly the extent of the damage caused by the attack, as the people affected were mainly customers of his own customers.
The company is working with the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) to determine the cause of the attack. “Our global teams are working around the clock to get our customers up and running again,” said Voccola.
“We understand that every second they are shut down affects their livelihoods, which is why we are working frantically to fix this.” In defense of his company, Voccola claimed that the impact of this “highly sophisticated attack” has been “highly exaggerated”.
Nevertheless, it forced Co-op’s Swedish division to close 500 of its 800 stores over the weekend as it tried to recover from the attack. Schools and kindergartens as far as New Zealand were also taken offline.
The UK’s National Cyber Security Center (NCSC) has investigated the impact of the incident on UK businesses. “We are actively working to fully understand this incident and mitigate potential risks to the UK,” a spokesperson said.
“At this stage we have seen evidence of limited impact on UK organisations, although our work is ongoing and we remain vigilant for any threats.
We encourage Kaseya customers to read the company’s incident update page, which recommends that people affected do not click on links emailed to them by the attackers, as they may be malicious.
” Since the start of the Covid-19 pandemic in early 2020, hacking activity against companies in the US and other countries has skyrocketed as cybercriminals try to abuse security weakened by new and evolving work-from-home policies that companies were required to roll out for staff during lockdowns and self-isolation.
In November 2020, the NCSC said it had defended the UK against more than 700 cyber attacks in the previous year alone.