A massive ransomware attack could impact thousands of businesses around the world. A Swedish supermarket brand was forced to close its 800 stores this weekend. The attack could come from a group of already known Russian hackers.
After the said affair Solarwinds which had shaken the American administrations and very large companies on the planet whose Microsoft, it’s a cyber attack that could impact thousands of small companies that took place this weekend. It has already resulted in the closure of 800 supermarkets in Sweden. Everything comes from the attack on the American company Kaseya. Network management software publisher, the firm has been the main target of hackers and it is via its servers that they could to implant a ransomware with a large number of the company’s customers.
The viral load was simply placed in an update to the publisher’s VAS software and still has the capacity to impact Kaseya’s 40,000 customers. The firm therefore asked its customers to deactivate YOU, but the ransomware still immediately infected around 40 customers, including the Swedish supermarket chain Coop, whose checkouts were paralyzed. For the moment, a dozen different countries have already been affected, according to a report published by the security specialist Eset. Around 1,000 companies directly operating VAS are also likely to be victims of the attack in the coming days, but the collateral damage could be much greater and concern thousands of small structures including schools, small public sector organizations, travel and leisure agencies, credit unions and accountants …
The shadow of Russian hackers
This is an attack by ransomware as important or even more than la fameuse WannaCry of 2017. For now, hackers are demanding a running ransom total of $ 70 million to decipher the data companies. If they don’t pay their ransom, they threaten to release their data publicly.
According to several experts, it is still towards Russia that the eyes are turning for the attribution of this attack. Hackers suspected of being behind the attack are claiming $ 70 million to restore the data they hold as a ransom. And the requests were posted on a blog typically used by a hacker group called REvil or Sodinokibi. A group linked to the Russia appeared in 2019 and is one of the most prolific in matter de ransomwares.
He recently ransomed Brazilian meat-packing company JBS to the tune of $ 11 million, which was able to recover its data after paying. On the side of the American authorities, we are still trying to verify whether the leg of the Kremlin could have supported the attack, although this seems unlikely. Very upset against the cyberattacks permeated by groups of hackers close to Russian intelligence agencies, US President Joe Biden does not intend to stop there and retaliate if, however, evidence links the group of hackers to the Russian state.
What you must remember
- Massive cyber ransomware attack threatens thousands of businesses.
- They were contaminated by an update of a computer network management software from Kaseya.
- It seems that the Russian pirate group REvil is behind this attack.
Interested in what you just read?