🚀 AI-picked stocks soar in May. PRFT is +55%—in just 16 days! Don’t miss June’s top picks.Unlock full list

No evidence global ransomware hack was by state entity, Italy says

Published 02/06/2023, 08:17 AM
Updated 02/06/2023, 03:51 PM
© Reuters. FILE PHOTO: A computer keyboard lit by a displayed cyber code is seen in this illustration picture taken on March 1,  2017. REUTERS/Kacper Pempel/Illustration/
VMW
-

By Giuseppe Fonte and James Pearson

ROME/LONDON (Reuters) - Global ransomware activity that targeted thousands of computer servers in Italy and other countries was probably the handiwork of criminal hackers and not a state or state-like entity, the Italian government said on Monday.

Italy's National Cybersecurity Agency (ACN) said on Sunday that hackers had targeted thousands of computer servers around the world running on VMware (NYSE:VMW) "ESXi" software.

"No evidence has emerged pointing to aggression by a state or hostile state-like entity", an Italian government statement said, adding that no major Italian institution or company operating in critical national security sectors had been affected.

The hack was identified on Feb. 3 and reached its peak on Sunday, said the statement, which added that the hackers were taking advantage of a software exploit first identified two years earlier, in February 2021.

"Some of the recipients of that advice took the warning into due consideration, others did not and unfortunately are now paying the consequences," the statement added.

VMware's "ESXi" is a kind of hypervisor - software which runs virtual computers. Those virtual systems are sold by some internet hosting companies as low-cost alternatives to running real, physical servers.

A VMware spokesperson said it released an update in 2021 which fixed the issue and urged its customers to patch their systems.

The attack has hit thousands of servers globally, according to data compiled by U.S.-based cybersecurity firm, Censys, with the majority of affected servers in France, followed by the United States and Germany.

© Reuters. FILE PHOTO: A computer keyboard lit by a displayed cyber code is seen in this illustration picture taken on March 1,  2017. REUTERS/Kacper Pempel/Illustration/

"It's somewhat effective but has had a mixed impact. A number of organisations have recovered their virtual machines without having to restore from a backup," said Daniel Card, a cybersecurity consultant based in Britain.

"It appears to be targeting victims mainly in Western countries, but does not look highly sophisticated," Card added.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.