Up to 1,500 companies could be affected by Friday’s cyberattack: CEO | Business and Economy News
Between 800 and 1,500 companies worldwide have been affected by a ransomware attack centered on US information technology company Kaseya, its chief executive said.
Fred Voccola, CEO of the Florida-based company, said in an interview Monday that it was difficult to estimate the precise impact of Friday’s attack because those affected were mostly customers of Kaseya’s customers.
Kaseya is a company that provides software tools for IT outsourcing companies: companies that typically handle back office work for companies that are too small or have little resources to have their own technical departments.
One of those tools was hijacked on Friday, allowing hackers to cripple hundreds of businesses across five continents. Although most of those affected were small businesses – such as dental offices or accountants – the disruption was felt most severely in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, or in operation. New Zealand, where schools and kindergartens taken offline.
The hackers who claimed the breach have asked for $ 70 million to restore all data from the affected companies, although they have indicated their willingness to temper their requests in private conversations with a cybersecurity expert and with Reuters.
“We are always ready to negotiate,” a pirate representative told Reuters on Monday. The representative, who spoke through a chat interface on the hackers website, did not provide his name.
Voccola declined to say if he was prepared to accept the pirates’ offer.
“I can’t comment on ‘yes’, ‘no’ or ‘maybe’,” he said when asked if his company would talk or pay hackers. “No comment on anything to do with negotiating with terrorists in any way.”
The subject of ransom payments has grown increasingly heavy as ransom attacks become more disruptive – and lucrative.
Voccola said he spoke to officials at the White House, Federal Bureau of Investigation and Department of Homeland Security about the breach, but declined to say what they told him about the payment or negotiation.
Exploited by hackers
On Sunday, the White House said it was checking whether there was a “national risk” posed by the ransomware outbreak, but Voccola said that – until now – he was unaware of no organizations of national significance affected.
“We are not looking for massive critical infrastructure,” he said. “It’s none of our business. We do not use the AT&T network or the Verizon 911 system. Nothing like.”
Since Voccola’s company was patching a vulnerability in the software that was exploited by hackers when the ransomware attack was executed, some information security professionals have speculated that the hackers could have monitored his company’s communications from the inside.
Voccola said neither he nor the investigators his company hired saw any sign of this.
“We don’t think they were part of our network,” he said. He added that the details of the violation would be made public “once it is ‘safe’ and you can do it.”
Some experts believe that all the fallout from the hack will be highlighted on Tuesday, when Americans return from their July 4th holiday weekend. Beyond the United States, the most notable disruption occurred in Sweden – where hundreds of Coop supermarkets had to close because their cash registers were inoperative – and New Zealand, where 11 schools and several kindergartens have been affected.
A million machines compromised
In their conversation with Reuters, the pirate representative called the disruption in New Zealand an “accident”.
But they expressed no regrets about the disruption in Sweden.
Closing the supermarkets was “nothing more than a business,” the representative said.
According to a study published by cybersecurity firm ESET, a dozen different countries have had organizations affected by the breach in one way or another.
The hackers, REvil ransomware, had claimed that a million machines had been compromised, said Mark Loman, director of engineering at cybersecurity firm Sophos.
“Depending on the size of your business and if you have backups, it can take weeks before you have everything restored, and since supermarkets in Sweden have been affected, they can lose a lot of food and income,” he said. he declared.
While many Coop stores remained closed on Monday, some stores opened and allowed customers to pay using an app called “Scan and Pay”.
“I don’t think we’ve seen anything on such a large scale before,” said Anders Nilsson, CTO at ESET Nordics. “This is the first time we’ve seen a grocery store not be able to process payments and it shows how vulnerable we are.”