United States intelligence authorities investigate a sequence of cyber attacks around the world against companies that use the American technology management software Kaseya. Cybersecurity expert Huntress Labs identified attacks on 20 IT service providers, which hit more than a thousand companies around the world.
The main suspicion at the moment is that the onslaught was carried out by the Russian criminal group REvil, the same one that attacked the operations of JBS In the USA. The gang uses the scheme known as Ransomware, in which there is a kind of hijacking of the system and collection of ransom for release.
According to the agency Bloomberg, citing ESET researcher Aryeh Gorestky, there are victims in at least 17 countries so far, including the United Kingdom, South Africa, Mexico and Spain. Kaseya has asked its customers to keep the software offline while the issue is resolved.
Sweden’s supermarket chain Coop revealed that it had closed about 500 stores in the country yesterday after being targeted by the attack. A spokesman for the retailer told the BBC that it has made the decision not to open most of its stores today while the situation is resolved.
In a Twitter post, the US Cyber Security and Infrastructure Security (CERT) agency said it “is taking action to understand and deal with the recent attack against the Ksaeya VSA.”
The attacks come just over two weeks after US President Joe Biden asked Russian counterpart Vladimir Putin to take steps to curb cyber attacks coming from the country. During a face-to-face meeting in Geneva, Putin again denied that the government has any relationship with the cases.