Hackers claiming to be behind a major ransomware attack on a government-backed technology company Kaseya require $ 70 million to restore affected data.
The company in which the Ireland Strategic Investment Fund Ireland (ISIF) is an investor that has said between 800 and 1,500 companies worldwide have been affected by the attack.
Fred Voccola, the executive director of the Florida-based company, said in an interview that it was difficult to gauge the exact impact of Friday’s attack because it was mostly customers of Kaseya’s customers.
Kaseya is a company that provides software tools for IT outsourcing shops: companies that normally do back office work for companies that are too small or have limited resources for their own technical departments.
One of these tools was undermined on Friday and allowed the hackers to cripple hundreds of companies on all five continents. Although most of those affected were small businesses such as dental practices or accountants, the disruption was more felt in Sweden, where hundreds of supermarkets had to close because their registers were out of order, or in New Zealand, where schools and kindergartens were knocked offline .
In 2018, ISIF invested 19 million euros in Kaseya as part of a larger fundraising campaign for the company. In return for the investment, Kaseya relocated its international headquarters to Dublin and announced plans to create more than 100 jobs and participate in collaboration with third-level institutions.
ISIF does not use the company’s technology and there is currently no evidence that Irish organizations have been affected by the recent attack.
The hackers, who assumed responsibility for the breach, have asked for $ 70 million to recover all data from the affected companies, despite signaling their willingness to mitigate their claims in private conversations with a cybersecurity expert and with Reuters.
“We are always ready to negotiate,” a representative of the hackers told Reuters on Monday. The representative, who spoke through a chat interface on the hackers’ website, did not reveal his name.
Mr. Voccola refused to say whether he would accept the hackers offer.
“I can’t say ‘yes’, ‘no’ or ‘maybe’,” he said when asked if his company would talk to the hackers or pay them. “No comment on any negotiations with terrorists.”
Mr Voccola said he had been with officials of the White HouseHowever, the Federal Bureau of Investigation and the Department of Homeland Security about the violation declined to say what they told him about the payment or negotiation.
On Sunday the White House said it was examining whether there was a “national risk” from the ransomware outbreak, but Mr Voccola said that he – so far – did not know that nationally important organizations had been hit.
“We are not looking at massive critical infrastructure,” he said. “It’s not our business. We do not operate the AT&T network or the Verizon 911 system. Nothing like that. “
With Mr. Voccola’s company in the process of fixing a vulnerability in the software that the hackers exploited in carrying out the ransomware attack, some information security experts speculated that the hackers might have been monitoring his company’s communications from the inside.
Mr. Voccola said that neither he nor the investigators who hired his company saw any signs of this.
Some experts believe the full aftermath of the hack will come into focus on Tuesday when Americans return from their July 4th vacation weekend. Outside the US, the most notable disruption occurred in Sweden – where hundreds of co-op supermarkets closed their doors because their registers failed – and in New Zealand, where eleven schools and several kindergartens were affected.
In an interview with Reuters, the hacker representative described the disruption in New Zealand as an “accident”.
But they did not express such regret about the disruption in Sweden.
The closure of the supermarkets was “nothing more than a business,” said the representative.
According to a study published by a cybersecurity company, organizations in around a dozen different countries were affected in some way by the breach Eset.
– Additional coverage: Reuters
#Statebacked #Kaseya #hit #million #euros #demand #ransomware