A serial cyber attack hit 200 companies in the US
Poor Kevin Collier – NBC News
a Data piracy (ransomware) cyber attacks against a single company are widespread, affecting at least 200 organizationsAccording to computer security company Huntress Labs, it has thus become one of the largest companies of its kind ever registered.
The attack, known on Friday afternoon, appears to be linked to a prolific group of cybercriminals known as REvil, and was perpetrated by Kaseya, an international company that remotely controls computer software for companies that run other companies’ internet services.
[Alerta por los recientes ciberataques: el Gobierno urge tomar medidas para evitarlos]
Kaseya reported this Friday that was attacked before pirates He warned his customers to stop using his service immediately. At least four direct clients of Kaseya have been successfully targeted, according to John Hammond, a security expert at Huntress Labs who helps respond to the incident.
Since it’s not been revealed how many businesses Kaseya’s clients run, it’s unclear how many businesses have been targeted so far, but Huntress Labs puts it close to 200, according to Hammond, and The number is expected to grow.
It is unlikely that it was a coincidence that the attack coincided with the weekend of July 4th. This type of pirates You usually schedule your criminal acts to begin at the beginning of the vacation To reduce the number of cybersecurity professionals available to respond quickly to the spread of malware.
These programs used to encrypt their victims’ computers (who are then required to obtain a ransom to recover them) look similar to the ones you normally use REvil Group, composed mostly of Russian-speaking people, according to various investigations. In the past, REvil attempted to carry out attacks on several organizations at the same time through the “supply chain”, hoping to be successful at least once and automatically move on to other goals.
The US Cyber Security Agency indicated Friday afternoon that it was “taking steps to decrypt and respond” to the attack. Its executive vice president, Eric Goldstein, said he’s looking into what happened with the FBI. “We encourage those who may be affected to use the recommended harm mitigation methods and follow Kaseya’s guidelines.He stated in an email.