Biden hired US intelligence to investigate the case. “The original interpretation was that it was not about the Russian government, but we are not yet sure,” said the US president on the eve of the biggest US holiday. Should it turn out that Russia was to blame, there would be an answer from Washington. US companies had been the target of cyberattacks several times in the recent past, each of which was blamed by Russian hackers. At their summit in Geneva in mid-July, Biden and his Russian counterpart Vladimir Putin agreed to work on the problem with a joint working group.
According to cybersecurity consulting firm Huntress Labs, Kaseya’s VSA software was tampered with “to encrypt more than a thousand companies.” The IT company Kaseya confirmed the cyber attack on Friday and assured them that the attack had been contained, so that only a “very small percentage” of the customers who used the so-called VSA network from Kaseya was affected. Huntress Labs had previously stated that the computer networks of around 200 companies were “encrypted” in the hacking attack.
Computer systems blocked or encrypted
When attacking with ransomware, hackers lock or encrypt the computer systems of their victims in order to extort money from the users for the release of their data. According to its own information, Kaseya is a leading provider of information technology and IT security for small and medium-sized companies. Companies can use the VSA server to control all of their computers and printers from a single workstation.
“We are in the process of investigating the actual cause of the incident with a high degree of caution,” Kaseya said in a forum on the online service Reddit. The company asked its customers to shut down their so-called VSA server immediately “until you receive further information from us”.
Kaseya later stated that its customers had been informed of the incident via the company website, by e-mail, on the computer display and by telephone, and that they had been asked to shut down their VSA servers. “We think that we have found the source of the vulnerability and are preparing a correction,” said the Miami-based company, which claims to have more than 40,000 customers.
800 Coop supermarket branches blocked in Sweden
According to its own statements, one of the largest Swedish supermarket chains had to temporarily close around 800 branches on Saturday because their registers no longer worked. Coop Sweden announced that a subcontractor had become the target of the digital attack. The company did not provide any details. However, the Swedish subsidiary of the software company Visma announced that the problem was related to a major cyber attack on the American IT company Kaseya on Friday.
In addition to other companies, the state railway company SJ was also affected. As a result, passengers could not pay by card in the bistro. On Friday evening there was an attack on a Coop service provider that affected both the normal cash register systems and self-service checkouts in supermarkets, SVT reported. They worked all night on the problems, but they still could not be solved, said a spokeswoman for the broadcaster. In individual regions, some branches in the country were able to reopen, with some using other payment systems.
The US Cyber Security Agency (CISA) said it is investigating the incident. She called on companies to follow Kaseya’s instructions and shut down their VSA server immediately. The cyber attack occurred before the weekend celebrating US Independence Day.
REvil suspected to be the culprit
According to the New Zealand government’s computer emergency team, a hacker group called REvil was behind the cyber attack.
In May the colonial oil pipeline in the USA and the US subsidiary of the world’s largest meat producer JBS fell victim to a cyber attack with ransomware. Last year, hackers gained access to the systems of ministries, authorities and companies using software from the US IT company SolarWinds. The US Federal Police FBI blamed hackers in Russia for these cyber attacks. The attack on JBS was therefore verbt by REvil.
Jane Stock is a technology author, who has written for 24 Hours World. She writes about the latest in technology news and trends, and is always on the lookout for new and innovative ways to improve his audience’s experience.
