Up to 1,500 companies worldwide have been affected by the cyberattack with ransomware via the ICT management software VSA. So says Kaseya, the American developer of the software. It mainly concerns small companies whose ICT network is managed by Kaseya customers, it says.
According to the Miami-based developer, some 50 of its 40,000 or so customers worldwide were directly affected by the cyber attack. “This attack was never a threat and had no impact on critical infrastructure,” said Kaseya.
The company notes that many customers use its software to manage the IT infrastructure of “local and small businesses with fewer than 30 employees, such as dentists, small accounting firms, and local restaurants.” “Of the estimated 800,000 to 1 million local and small businesses managed by Kaseya’s customers, only 800 to 1,500 have been affected.”
Kaseya CEO Fred Voccola emphasizes that “our teams are working around the clock” to get customers’ systems up and running again. The company also partners with the FBI, the cybersecurity agency CISA, the Department of Homeland Security, the White House, and a cyberattack resolving firm.
“It’s about working together to solve the problem and identify the responsible parties so that they can be held accountable,” said Voccola.
Russian hacker collective
Hackers linked to the Russian hacker collective REvil are said to be behind the cyber attack with ransomware. The suspected perpetrators have demanded a ransom of $70 million in bitcoins but are reportedly willing to negotiate.
Voccola did not want to say to Reuters news agency whether he will talk to the criminals. Ransom payments are controversial as ransomware attacks are becoming more malicious and potentially more profitable for criminals.
There have been no reports on victims at the Center for Cybersecurity (CCB) for the time being. Last weekend, the CCB called on all companies using Kaseya’s IT management software to shut down that system immediately.
Among the indirect victims is the Swedish supermarket chain Coop, whose cash registers have been paralyzed since Friday after its ICT service provider Visma Esscom was hit.