Breaking News
0
Ad-Free Version. Upgrade your Investing.com experience. Save up to 40% More details

Up to 1,500 businesses affected by ransomware attack, U.S. firm's CEO says

WorldJul 05, 2021 08:20PM ET
Saved. See Saved Items.
This article has already been saved in your Saved Items
 
2/2 © Reuters. FILE PHOTO: A man types on a computer keyboard in Warsaw in this February 28, 2013 illustration file picture. REUTERS/Kacper Pempel/File Photo 2/2

By Raphael Satter

WASHINGTON (Reuters) -Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology firm Kaseya, its chief executive said on Monday.

Fred Voccola, the Florida-based company's CEO, said in an interview that it was hard to estimate the precise impact of Friday's attack because those hit were mainly customers of Kaseya's customers.

Kaseya is a company which provides software tools to IT outsourcing shops: companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments.

One of those tools was subverted on Friday, allowing the hackers to paralyze hundreds of businesses on all five continents. Although most of those affected have been small concerns - like dentists' offices or accountants - the disruption has been felt more keenly in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, or New Zealand, where schools and kindergartens were knocked offline.

The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses' data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters.

"We are always ready to negotiate," a representative of the hackers told Reuters earlier Monday. The representative, who spoke via a chat interface on the hackers' website, didn't provide their name.

Voccola refused to say whether he was ready to take the hackers up on the offer.

"I can't comment 'yes,' 'no,' or 'maybe'," he said when asked whether his company would talk to or pay the hackers. "No comment on anything to do with negotiating with terrorists in any way."

The topic of ransom payments has become increasingly fraught as ransomware attacks become increasingly disruptive - and lucrative.

Voccola said he had spoken to officials at the White House, the Federal Bureau of Investigation, and the Department of Homeland Security about the breach but declined to say what they had told him about paying or negotiating.

On Sunday the White House said it was checking to see whether there was any "national risk" posed by ransomware outbreak but Voccola said that - so far - he was not aware of any nationally important organizations being hit.

"We're not looking at massive critical infrastructure," he said. "That's not our business. We're not running AT&T (NYSE:T)'s network or Verizon (NYSE:VZ)'s 911 system. Nothing like that."

Because Voccola's firm was in the process of fixing a vulnerability in the software that was exploited by the hackers when the ransomware attack was executed, some information security professionals have speculated that the hackers might've been monitoring his company's communications from the inside.

Voccola said neither he nor the investigators his company had brought in had seen any sign of that.

"We don't believe that they were in our network," he said. He added that the details of the breach would be made public "once its 'safe' and OK to do that."

Some experts believe the full fallout from the hack will come into focus on Tuesday, when Americans return from their July Fourth holiday weekend. Beyond the United States, the most notable disruption occurred in Sweden - where hundreds of Coop supermarkets had to shut their doors because their cash registers were inoperative - and in New Zealand, where 11 schools and several kindergartens were affected.

In their conversation with Reuters, the hackers' representative described the disruption in New Zealand as an "accident."

But they expressed no such regret about the disruption in Sweden.

The supermarkets' closure was "nothing more than a business," the representative said.

About a dozen different countries have had organizations affected by the breach in some way, according to research published https://www.welivesecurity.com/2021/07/03/kaseya-supply-chain-attack-what-we-know-so-far by cybersecurity firm ESET.

Up to 1,500 businesses affected by ransomware attack, U.S. firm's CEO says
 

Related Articles

Add a Comment

Comment Guidelines

We encourage you to use comments to engage with other users, share your perspective and ask questions of authors and each other. However, in order to maintain the high level of discourse we’ve all come to value and expect, please keep the following criteria in mind:  

  •            Enrich the conversation, don’t trash it.

  •           Stay focused and on track. Only post material that’s relevant to the topic being discussed. 

  •           Be respectful. Even negative opinions can be framed positively and diplomatically. Avoid profanity, slander or personal attacks directed at an author or another user. Racism, sexism and other forms of discrimination will not be tolerated.

  • Use standard writing style. Include punctuation and upper and lower cases. Comments that are written in all caps and contain excessive use of symbols will be removed.
  • NOTE: Spam and/or promotional messages and comments containing links will be removed. Phone numbers, email addresses, links to personal or business websites, Skype/Telegram/WhatsApp etc. addresses (including links to groups) will also be removed; self-promotional material or business-related solicitations or PR (ie, contact me for signals/advice etc.), and/or any other comment that contains personal contact specifcs or advertising will be removed as well. In addition, any of the above-mentioned violations may result in suspension of your account.
  • Doxxing. We do not allow any sharing of private or personal contact or other information about any individual or organization. This will result in immediate suspension of the commentor and his or her account.
  • Don’t monopolize the conversation. We appreciate passion and conviction, but we also strongly believe in giving everyone a chance to air their point of view. Therefore, in addition to civil interaction, we expect commenters to offer their opinions succinctly and thoughtfully, but not so repeatedly that others are annoyed or offended. If we receive complaints about individuals who take over a thread or forum, we reserve the right to ban them from the site, without recourse.
  • Only English comments will be allowed.

Perpetrators of spam or abuse will be deleted from the site and prohibited from future registration at Investing.com’s discretion.

Write your thoughts here
 
Are you sure you want to delete this chart?
 
Post
Post also to:
 
Replace the attached chart with a new chart ?
1000
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Thanks for your comment. Please note that all comments are pending until approved by our moderators. It may therefore take some time before it appears on our website.
Comments (1)
Kaveh Sun
Kaveh Sun Jul 05, 2021 6:24PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
An IT company manages computers for customer should take security seriously. Part of their job is to make sure all devices have malware protection. This is the result of talking customers money and do little or nothing.
Millennial Dip Buyer
Millennial Dip Buyer Jul 05, 2021 6:24PM ET
Saved. See Saved Items.
This comment has already been saved in your Saved Items
Sounds like you're absolutely clueless about how the attacks work.  Which is okay, more proof IT isn't a dying profession.
 
Are you sure you want to delete this chart?
 
Post
 
Replace the attached chart with a new chart ?
1000
Your ability to comment is currently suspended due to negative user reports. Your status will be reviewed by our moderators.
Please wait a minute before you try to comment again.
Add Chart to Comment
Confirm Block

Are you sure you want to block %USER_NAME%?

By doing so, you and %USER_NAME% will not be able to see any of each other's Investing.com's posts.

%USER_NAME% was successfully added to your Block List

Since you’ve just unblocked this person, you must wait 48 hours before renewing the block.

Report this comment

I feel that this comment is:

Comment flagged

Thank You!

Your report has been sent to our moderators for review
Disclaimer: Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. All CFDs (stocks, indexes, futures) and Forex prices are not provided by exchanges but rather by market makers, and so prices may not be accurate and may differ from the actual market price, meaning prices are indicative and not appropriate for trading purposes. Therefore Fusion Media doesn`t bear any responsibility for any trading losses you might incur as a result of using this data.

Fusion Media or anyone involved with Fusion Media will not accept any liability for loss or damage as a result of reliance on the information including data, quotes, charts and buy/sell signals contained within this website. Please be fully informed regarding the risks and costs associated with trading the financial markets, it is one of the riskiest investment forms possible.
Continue with Google
or
Sign up with Email