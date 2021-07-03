



James Martin / CNET

A new attack has surfaced following the recent ransomware attacks that destroyed major US gas pipelines and major meat producers. This time around, we hit a Miami-based company that provides technology management tools to organizations around the world. Hundreds of companies, including Swedish railroad, pharmacy and grocery chains, have been reportedly affected by an attack on software company Kaseya, which posted alerts on its site on Friday and Saturday.

“Customers who have experienced ransomware and received communications from attackers should not click the link. We have received advice from outside experts that it may have been weaponized,” the company said. FBI to deal with cyber attacks, as stated in the alert.

This attack involves a Kaseya product called VSA. This allows small businesses to remotely monitor their computer systems and automatically handle regular server maintenance and security updates.

Less than 40 customers were affected by the cyberattack, the company’s CEO told The New York Times, some of which are managed service providers capable of providing IT tools to hundreds of companies. According to The Times, Coop, one of Sweden’s largest grocery chains, had to close at least 800 stores in order to attack. According to Kaseya, more than 40,000 organizations around the world use at least one product, not necessarily a VSA product.

Ransomware attacks, in which hackers compromise systems and retain networks and data for ransom, are becoming an increasingly alarming phenomenon. Last month, JBS, one of the largest meat producers in the United States, paid a ransom of $ 11 million in an attack that temporarily knocked out its processing plant. And in May, the Colonial Pipeline revealed that the attack had to shut down the main pipeline that carried gas to the densely populated east coast of the United States. Colonial paid the hacker a $ 4.4 million ransom, but the Justice Department later said it had recovered part of the payment. According to The Times, some victims of the Kaseya VSA attack were required to pay a ransom of $ 5 million.

Apart from the economic impact, such attacks that also hit hospitals, banks and city governments raised concerns about critical infrastructure vulnerabilities. Shortly after the Colonial Pipeline attack was revealed, US President Joe Biden signed an executive order aimed at improving US cybersecurity defenses. The Biden administration also said it plans to launch a task force to crack down on hackers using ransomware.

And at Biden’s summit with Russian President Vladimir Putin last month, one of the main topics of the debate was important infrastructure, whether initiated by the nation-state or hacked gangs within its boundaries. It was a cyber attack against.

Both Kaseya and US cybersecurity and infrastructure agencies have advised customers running VSA software on their servers to shut them down. Asked for additional information about the VSA attack, Kaseya said he is sharing the latest updates on his website and social media. The Wall Street Journal reported that the same hacking group, REvil, behind the attack on meat producer JBS was responsible for the VSA cyberattack.

