Kaseya ransomware attacks threaten global businesses |
Hackers launched a global ransomware attack that infected more than 1,000 companies and forced the Coop grocery chain in Sweden to close hundreds of stores.
In one of the largest supply chain attacks to date, hackers infiltrated IT management software provider Kaseya in order to use its technology to deliver ransomware to managed service providers and their clients.
Network security organization Huntress Labs said it has identified 20 infected hosting providers, including more than 1,000 customers who were victims of ransomware attacks.
Among the victims, Sweden's Coop said it had closed five of its 800 stores after the attack prevented its registration system from working.
The company said Coop was affected by the infection of its hosting provider Vissma Escom.
Huntress Labs has blamed Russia affiliate REvil for the attacks that the FBI says are behind the latest attack on beef supplier JBS.
US President Joe Biden said he has ordered US government agencies to investigate behind the scenes. "The original idea was that it wasn't the Russian government, but we're not sure yet," he added.
This incident is the latest example of hackers intrusion into the IT supply chain to infiltrate a single vendor to target victims at scale.
Last year, there was news that state-sponsored Russian hackers had hacked the SolarWinds computer group. This is done to infiltrate the email networks of federal agencies and US companies.
Kaseya said it was the victim of a sophisticated cyber attack that affected about 40 of its 36,000 direct customers.
Ransomware attacks threaten global companies
Kaseya urges those using infected VSA server tools that provide remote monitoring to shut it down.
The company added: "We believe we have identified the source of the vulnerability and are working on a patch to alleviate problems for our local customers."
The FBI investigated the ransomware attack. The office works with Kaseya and the US Cybersecurity and Infrastructure Agency to contact victims.
This is the latest in a series of ransomware attacks this year. Including attacks on US colonial pipelines, which prompted the Biden government to take action against the perpetrators.
At the Geneva summit last month, President Joe Biden urged Russian President Vladimir Putin to get ransomware hackers under control.