Up to 1,500 firms could be affected by cyberattack: US firm kaseya CEO.
A ransomware attack based on US information technology firm Kaseya has hit between 800 and 1,500 firms around the world, according to the company's CEO.
In an interview on Monday, Fred Voccola, the CEO of the Florida-based business, said it was difficult to determine the actual impact of Friday's attack because those affected were mostly Kaseya clients.
Kaseya is a software provider for IT outsourcing agencies, which often undertake back-office work for businesses that are too small or under-resourced to establish their own IT departments.
On Friday, one of these programmes was hacked, allowing the hackers to shut down hundreds of businesses across five continents. Although the majority of those affected were small businesses such as dentists and accountants, the interruption was felt most acutely in Sweden, where hundreds of supermarkets were forced to close due to cash register failures, and New Zealand, where schools and kindergartens were shut down.
In private contacts with a cybersecurity expert and Reuters, the hackers who claimed responsibility for the attack sought $70 million to recover all of the impacted organisations' data, though they indicated a readiness to lower their demands.
“We are always willing to negotiate,” a hacker spokesperson told Reuters early Monday. The person, who interacted with the hackers through a chat window on their website, did not give their identity.
Voccola remained tight-lipped on whether or not he would accept the hackers' offer.
When asked if his company would talk to or compensate the hackers, he answered, "I can't remark "yes," "no," or "maybe." “I have no comment on any aspect of talking with terrorists.”
As ransomware assaults become more disruptive – and lucrative – the idea of ransom payments has gotten more contentious.
Voccola claimed he met with authorities from the White House, the FBI, and the Department of Homeland Security about the incident, but he wouldn't specify what they told him about paying or negotiating.
Exploited by hackers
The White House announced on Sunday that it was looking into whether the ransomware outbreak constituted a "national concern," but Voccola said he was unaware of any nationally significant organisations being affected so far.
He stated, "We're not looking at enormous essential infrastructure." “That isn't our concern. We're not using AT&T's or Verizon's networks or 911 systems. That's not the case.”
Because Voccola's company was in the midst of addressing a software weakness exploited by the hackers at the time of the ransomware assault, some information security experts theorised that the hackers were monitoring his company's communications from the inside.
Voccola claimed that neither he nor the investigators brought in by his firm had seen any evidence of this.
He stated, "We don't believe they were on our network." He went on to say that the specifics of the breach would be made public "as soon as it's'safe' and OK to do so."
The full impact of the hack, according to some analysts, will be apparent on Tuesday, when Americans return from their July Fourth holiday weekend. Apart from the United States, the most prominent disruptions happened in Sweden, where hundreds of Coop shops were forced to close due to malfunctioning cash registers, and in New Zealand, where 11 schools and many kindergartens were affected.
A million machines compromised
The hackers' spokesperson described the disruption in New Zealand as a "accident" in an interview with Reuters.
They did not, however, show any contrition for the disturbance in Sweden.
The shutdown of the supermarkets was "nothing more than a commercial decision.", said the representative.
Organizations in a dozen different nations have been impacted by the hack in some way, according to new study from cybersecurity firm ESET.
The hackers behind the REvil ransomware claimed that a million computers had been infected, according to Mark Loman, director of engineering at Sophos, a cybersecurity business.
“Depending on the size of your company and whether you have backups, it may take weeks to restore everything, and stores in Sweden, which have been impacted, could lose a lot of food and revenue,” he warned.
While many Coop stores were closed on Monday, several were operating and accepting payments using an app called "Scan and Pay."
Anders Nilsson, chief technology officer at ESET Nordics, said, "I don't think we've seen anything on this scale before." “This is the first time we've seen a grocery store unable to handle payments, and it demonstrates our vulnerability.”
