Computer software from US company Kaseya, the victim of a cyberattack since Friday, “has been used to encrypt more than a thousand companies,” according to cybersecurity company Huntress Labs. One of Sweden’s leading supermarket chains has temporarily closed almost all of its 800 stores due to a problem with its cash register management program.
Kaseya, who categorized the attack as “sophisticated”, for his part assured that it was limited to “a very small number of clients”, but the latter, in turn, provide services to other companies that managed to manage the pirates. demand a ransom.
The US Cyber and Infrastructure Security Agency (CISA) is “monitoring the situation closely,” said Eric Goldstein, the organization’s head of cybersecurity.
“We are working with Kaseya and coordinating with the FBI (US Federal Police) to raise awareness for victims who may be harmed.”Goldstein added, quoted by French news agency AFP.
Early Friday afternoon on the east coast of the United States Kaseya learned of a possible incident with her VSA software.even ahead of the long Monday weekend, and it is estimated that “fewer than 40 customers worldwide” will be affected.
A computer program known as ransomware, used by hackers, exploits security holes in a company or another person to encrypt and lock its systems, and then demands a ransom to unblock them.
This attack has already had direct consequences: today, one of Sweden’s main supermarket chains was forced to temporarily close almost all of its 800 stores as a cyber attack paralyzed cash registers.
“Ransomware attacks” have become commonplace, but typically “cybercriminals run the business,” explained Jerome Billois, cybersecurity expert at Wavestone consultancy.
“In this case, they attacked a computer systems management software company, which allowed them to simultaneously attack dozens or even hundreds of other companies.”, he continued.
“It is difficult to determine exactly how much, because in such a situation, the affected companies lose their media,” commented Billua.
Kaseya, which has asked its customers to shut down all of its systems, cannot know if those systems were shut down “voluntarily or involuntarily,” the expert added.
Based in Miami, Kaseya sells software to small and medium-sized businesses, including VSA software, designed to manage their networks of servers, computers and printers from a single source.and claims to have over 40,000 clients.
According to Huntress Labs, according to the methods used, the ransomware notes and the Internet address provided by the hackers, the author must be a member of a group of “hackers” known as Revil or Sodinokibi.
