On Monday the chief executive of US information technology firm Kaseya, Fred Voccola, released a statement. Voccola said between 800 and 1,500 businesses around the world have come under a ransomware attack last Friday.
In an interview, Voccola, the Florida-based company’s CEO, said that it was hard to estimate the exact impact of Friday’s attack. This is because Kaseya’s customers were those targeted the most.
The company Kaseya provides resources software tools to IT outsourcing businesses. These businesses normally provide technical support to small companies that basically do not have resources to run their own IT departments.
Hackers attack on Friday
On Friday, one of the software tools was subverted, i.e., sabotaged. The subversion allowed hackers to paralyze hundreds of businesses on all five continents Kaseya operates in. Most of those affected were dentists’ offices or accountants, which are small businesses.
Sweden and New Zealand most affected
However, the disruption was severe in Sweden. It resulted in hundreds of Coop supermarkets closing for the day, because of inoperative cash registers. Also, major disruptions happened in New Zealand, where 11 schools and some kindergartens went offline.
Surprisingly, the hackers’ representative informed Reuters the disruption in New Zealand is by accident. However, the disruption in Sweden causing the closure of supermarkets was “nothing more than business”.
Hackers want US$70 million ransom, but amount is negotiable
The hackers claiming to be responsible for the breach, are demanding US$70 million to restore all the affected businesses’ data. However, the hackers are indicating a willingness to temper their demands. This is according to their private conversations with a cybersecurity expert and with news media house, Reuters.
A representative of the hackers told Reuters earlier Monday “We are always ready to negotiate.” The representative remained anonymous while speaking via a chat interface on the hackers’ website.
Whether Voccola’s company is ready to take the hackers up on the offer remains unknown.
When asked whether his company would negotiate or pay the hackers, Voccola said “I can’t comment ‘yes,’ ‘no,’ or ‘maybe’.” “No comment on anything to do with negotiating with terrorists in any way.”
As ransomware attacks become increasingly lucrative and disruptive, the topic of ransom payments has become increasingly worrying.
Voccola has spoken to the Department of Homeland Security, officials at the White House, and the Federal Bureau of Investigation about the breach. However, he did not reveal what the officials had told him about paying or negotiating.
White House checks for possible national risks
The White House said on Sunday that it was investigating to see whether there was any national risk posed by ransomware outbreak. However, Voccola said that he does not know of any nationally important organizations being hit so far.
He said “We’re not looking at massive critical infrastructure.” “That’s not our business. We’re not running AT&T’s network or Verizon’s 911 system. Nothing like that.”
Possibility of insiders plotting attack during a weak moment
When the ransomware attack happened, Voccola’s firm was in the process of fixing a weak spot in the software. The hackers exploited this moment of vulnerability. They could have been monitoring Kaseya’s communications from the inside, according to speculation by some information security professionals.
There is no indication of an inside job that can be seen by either Voccola or the investigators his company brought in.
Voccola said “We don’t believe that they were in our network”. The details of the breach would be made public said Voccola, “once it’s ‘safe’ and OK to do that.”
The full fallout from the hack will come into focus on Tuesday according to some experts. This will stem from Americans returning from their Fourth of July holiday weekend.
6th July 2021 23:00
This article brought to you by Legacy Times 传城时代