Ransomware attacks have affected up to 1,500 companies, says the U.S. CEO

By Raphael Satter

WASHINGTON (Reuters) – Between 800 and 1,500 companies worldwide have been hit by a ransomware attack centered on the U.S. information technology company Kaseya, its CEO said Monday.

Florida company CEO Fred Voccola said in an interview that it is difficult to estimate the exact impact of Friday’s attack, given that the victims were mostly Kaseya’s customers.

Kaseya is a company that provides software tools to IT tool outlets: usually small companies that manage back office work or have modest resources to have their own technology departments.

One of those tools was overturned on Friday, and hackers were able to paralyze hundreds of companies on five continents. Although most of the victims were minor concerns (such as dentists ’offices or accountants), the disruption was felt more intensely in Sweden as hundreds of supermarkets had to close due to out-of-the-box boxes or in New Zealand where schools and kindergartens were knocked offline.

Hackers responsible for the offense have demanded $ 70 million to recover all data from the affected businesses, although they have expressed a willingness to temper requests in a private interview with a cybersecurity expert and Reuters.

“We are always ready to negotiate,” the hacker’s representative told Reuters on Monday. The representative, who spoke via the chat interface on the hacker’s website, did not give his name.

Voccola declined to say whether the hacker was willing to raise the offer.

“I can’t‘ comment ’yes,‘ no ’or‘ maybe ’,” he said when asked if his company would talk to hackers or pay them. “There are no comments in any way related to the negotiation of terrorism.”

The issue of rescue payments is becoming more and more serious as rescue software attacks become more and more confusing and profitable.

Voccola said he has spoken to officials at the White House, the Federal Bureau of Investigation and the Department of Homeland Security about the offense, but did not pay and wanted to say what he was told about the deal.

On Sunday, the White House said it was checking to see if there were any “national risks” posed by the ransomware outbreak, but Voccola said – so far – he did not know they were important national organizations.

“We are not looking at massive critical infrastructure,” he said. “That’s not our business. We’re not running the AT&T (NYSE 🙂 network or the Verizon (NYSE: 911) system. There’s no such thing.”

Voccola’s company was in the process of fixing a vulnerability in the software that was hacked by hackers when the Roccomware attack was executed, some information security professionals thought the hackers had controlled their company’s communications internally.

Voccola said neither he nor the researchers brought by his company saw any trace of it.

“We don’t think they were in our network,” he said. He added that the details of the offenses will be “once and for all” made “safe and agreed to do so”.

Some experts believe the entire fall of the hack will be in focus on Tuesday, when the Americans return from the fourth holiday weekend in July. Beyond the United States, the most notable disruption occurred in Sweden (hundreds of Coop supermarkets had to close their doors because cash registers did not work) and in New Zealand, where 11 schools and kindergartens were affected.

In an interview with Reuters, the hacker’s representative described the New Zealand disruption as an “accident”.

But they expressed no remorse for the break in Sweden.

The closure of the supermarkets “has been just a business,” the representative said.

A dozen countries have somehow been affected by the breach, according to a study published https://www.welivesecurity.com/2021/07/03/kaseya-supply-chain-attack-what-we- know-. so far made by the cybersecurity company ESET.