The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of the security firm Huntress Labs. He said the criminals targeted a software supplier called Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. Other researchers agreed with Hammond's assessment.
It was not immediately clear how many Kaseya customers might be affected or who they might be. Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. It said the attack was limited to a "small number" of its customers. Cybersecurity researcher Jake Williams, president of Rendition Infosec, said he was already working with six companies hit by the ransomware. It's no accident that this happened before the Fourth of July weekend, when IT staffing is generally thin, he added.Hammond of Huntress said he was aware of four managed-services providers -- companies that host IT infrastructure for multiple customers -- being hit by the ransomware, which encrypts networks until the victims pay off attackers.
The federal Cybersecurity and Infrastructure Security Agency said in a statement late Friday that it is closely monitoring the situation and working with the FBI to collect more information about its impact. Brian Honan, an Irish cybersecurity consultant, said by email Friday that "this is a classic supply chain attack where the criminals have compromised a trusted supplier of companies and have abused that trust to attack their customers."
United States United States Latest News, United States United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Source: CTVNews - 🏆 1. / 99 Read more »