‘Colossal,’ ‘devastating’ cyber attack on Miami company


Recently a major gas pipeline and a major meat producer in the US were taken down by ransomware attacks. Now, we have a new assault, CNet reports. This time the hackers hit a Miami-based company that provides tech-management tools to organizations worldwide.

Hundreds of companies, including a railway, pharmacy chain, and grocery chain in Sweden, have reportedly been affected by the attack on software company Kaseya.

Information technology company Kaseya warned 40,000 clients that there was a “potential attack” on its VSA tool, which is used to manage computers remotely.

The company posted a security advisory to its help desk site, urging customers to immediately shut down their servers running the service.

Most authorities believe the same group of criminals behind the attack on JBS Meats engineered the current assault.

Huntress Labs’ John Hammond told NPR that this was “a colossal and devastating supply chain attack.” He suspects a major ransomware syndicate, the REvil gang, was behind the attack. REvil largely works out of Russia and nothing goes on in Russia without Putin’s approval.

Biden just met with Putin in Geneva warning him against the cyber attacks. Given Biden’s mental state, that was more like an invitation to attack.

Biden has done nothing about the attacks so far and that means these attacks are guaranteed to get worse. He did launch an investigation into this latest attack.

The cybercriminals sent two different ransom notes: one for $50,000 to smaller companies and one for $5 million to larger organizations.

“It is absolutely the biggest non-nation state supply-chain cyberattack that we’ve ever seen,” Allan Liska, a researcher with the cybersecurity firm Recorded Future, told the Washington Post. “And it’s probably the biggest ransomware attack we’ve seen, at least the biggest since WannaCry.”

While Kaseya says that only 40 direct customers had been affected, one cybersecurity company identified eight managed service providers (MSPs) with more than 200 clients whose networks were partially or completely shut down.

Cybersecurity researcher Jake Williams, president of Rendition Infosec, told NPR that the attack was likely timed to coincide with the 4th of July holiday when IT staffs are typically thin. “There’s zero doubt in my mind that the timing here was intentional,” he said.

Washington Post:

Ransomware attacks increased significantly in frequency and severity during 2020. A report from a task force of more than 60 experts said nearly 2,400 governments, health-care systems and schools in the country were hit by ransomware in 2020. Organizations paid attackers more than $412 million in ransoms last year, according to the analysis firm Chainalysis.

After a May attack on Colonial Pipeline — which led to panicked lines at gas pumps and empty fuel stations — the U.S. government increased its emphasis on addressing cybersecurity issues and urged corporate America to strengthen its computer security.

Ransomware attacks have been on the rise as hackers band together and form cybercriminal gangs to extort companies for payment. The attacks are often carried out by attackers in Russia and Eastern Europe.

It’s unclear how the hackers gained access originally to Kaseya’s systems but the company has been a frequent target of criminal gangs because it represents an access point for tens of thousands of companies.

4 Comments
Greg
3 years ago

Considering what we’ve learned about The Government, never again will I believe Russia is the one behind Anything. Considering the infiltration by Chinese nationals all across the board I would suspect them before Anyone else.

Under Wing Pod
3 years ago

Evil hackers and the plans of SPECTRE!
Anything remote accessed on the computer is usually bad news.
Elder fam says Russian hackers is Snowden and it was good to see that the mind is still working.
Miami is in the news with the crumbling infrastructure and there are other condotels that are 45-50 years old out in the salty sea air.
The Miami Herald comments had the usual, the government must do something for the shaking my head moment.

O/T-good fireworks going, I thought it was the 4th today. It will sound like a battle when it gets dark Sunday.
It is a celebration of WAR.

3 years ago

Evidently Kaseya wasn’t on Biden’s list of 16 that he told Putin were off limits for cyber warfare.

Plato
3 years ago

Or, maybe it was on that list.