The White House said on Sunday that it is targeting victims of a widespread ransomware outbreak that has centered on a Florida-based information technology company that has impacted hundreds of companies around the world.
Miami-based Kaseya said fewer than 60 of its customers were “directly” affected by the attack.
But the full impact of the intrusion is still coming into focus, in part because the Kaseya software tool seized by the cybercriminals is being used by so-called managed service providers who outsource shops that other companies use for their IT back office work, like that Install updates.
A cybersecurity manager said 350 customers had been attacked in his company alone.
White House Deputy National Security Advisor on Cyber and New Technologies Anne Neuberger said in a statement that the FBI and the cyber arm of the Department of Homeland Security “will reach out to identified victims based on a national assessment Providing help at risk ”.
president Joe Biden said on Saturday that he directed US intelligence agencies to find out who was behind the ransomware attack.
Security firm Huntress Labs said Friday it believes Russia-related ransomware gang REvil was responsible for the latest outbreak. Last month the FBI did that same group to paralyze Meat packers JBS SA.
Kaseya said Sunday that it had hired cybersecurity firm FireEye to help cope with the aftermath of the breach.
“The two largest regions we’ve seen are the US and Germany,” said Ross McKerchar, Sophos Group Plc’s chief information security officer, of the impact of the latest ransomware.
Those affected included schools, small public institutions, travel and leisure organizations, credit unions and accountants, he said.
The rash of German victims could be due to the fact that a large provider was compromised there. Germany’s federal cybersecurity guard announced on Sunday that an unidentified IT service provider who looks after several thousand customers had been hit.
In some cases, chain reactions resulted in more widespread disturbances.
Swedish grocery chain Coop had to close hundreds of stores on Saturday because its cash registers are operated by Visma Esscom, which manages servers for a number of Swedish companies and uses Kaseya.
McKerchar said the wave of disruption is another example of how difficult it is for midsize businesses to beat back increasingly well-funded cybercriminal gangs.
“Small businesses are inferior when it comes to cybersecurity,” he said.
The rules were announced last month amid growing complaints from Indian brick and mortar retailers that Amazon and Flipkart Circumvention of foreign investment law through complex business structures. The companies deny any wrongdoing.
A Reuters investigation in February, Amazon cited documents showing it gave preferential treatment to a small number of its sellers and circumvented foreign investment rules. Amazon has said it does not give any seller preferential treatment.
© Thomson Reuters 2021
#White #House #latest #ransomware #victims #helping