Between 800 and 1,500 businesses worldwide were compromised or affected by a cyberattack on Friday, security experts said in what could be the largest attack in history using ransomware, in which hackers shut down systems for as long as possible. that the ransom is not paid.
“This is the worst ransomware incident ever, but if we don’t take action, the worst is yet to come,” said Kyle Hanslovan, chief executive officer of cybersecurity firm Huntress Labs.
Hackers compromised Kasia, a Miami-based software maker that provides technical services to thousands of organizations around the world. Many of its customers are so-called managed service providers, who in turn provide security and technical support to other companies and collectively reach millions of businesses.
“It totally sucks,” said Kasia’s chief executive Fred Voccola. Video posted on YouTube Early Tuesday, addressing the company’s customers. “If I were you, I would be very disappointed, and you should be.”
He said Cassia was working with the FBI, the Department of Homeland Security and the White House to resolve the issue.
About 50 of Kasia’s direct customers were compromised when it was breached, Mr Vokola said, which includes dozens of managed service providers.
A Russian-based cybercriminal organization known as Revil claimed responsibility for the attack on Sunday, calling it “Happy Blog” on its site – on the dark web. Huntress Labs said some victims were being asked for $5 million in ransom.
Brett Callow, a threat analyst at cybersecurity firm Emsisoft, said Reville was seeking $45,000 in cryptocurrency for each computer system a victim wanted to restore.
Reville also said it would publish a tool that would allow all infected companies to recover their data if $70 million in bitcoin was paid out.
“If you are interested in such a deal, contact us,” the group wrote, adding that it had provided a way for victims to contact the organization.
Jack Cable, security researcher at Krebs Stamos Group, Said he’s reached Revilla over the weekend and the group said it was open to talks. He offered to reduce the price of the tool to $50 million in bitcoin, he said.
White House Press Secretary Jen Psaki said during a news conference on Tuesday that “we advise against companies paying ransomware, noting that it encourages bad actors to repeat this behavior.”
Ms. Psaki said US national security officials were in contact with Russian government officials about the attack. When President Biden met with Russian President Vladimir V. Putin in Geneva last month, He calls on Russia to rein in ransomware attacks, which have become increasingly common in recent months. The FBI Says Reville Is Behind the World’s Biggest Hacking Meat Processor, JBS, in May.
“If the Russian government cannot or will not take action against criminal actors living in Russia, we will take action, or reserve the right to take action,” Ms. Saki said.
Kasia Cyber Attack has had a wide impact around the world, touching companies in more than a dozen countries, including the United States, Germany, Australia and Brazil. In Sweden, grocery retailer Coop was forced to close more than 800 stores on Saturday, and visited each location to fix problems caused by the hack. Security researchers said a Swedish railway and a pharmacy chain were also affected.
Mr Vokola said such an attack was bound to happen.
“Even on the best defense in the world, runs are scored,” he said.
A common saying he has heard from government officials and security experts, he said, when it comes to cyberattacks, is “it’s kab ki baat hai, yeh kab ki baat hai.”