• 102 days Could Crypto Overtake Traditional Investment?
  • 106 days Americans Still Quitting Jobs At Record Pace
  • 108 days FinTech Startups Tapping VC Money for ‘Immigrant Banking’
  • 112 days Is The Dollar Too Strong?
  • 112 days Big Tech Disappoints Investors on Earnings Calls
  • 113 days Fear And Celebration On Twitter as Musk Takes The Reins
  • 114 days China Is Quietly Trying To Distance Itself From Russia
  • 115 days Tech and Internet Giants’ Earnings In Focus After Netflix’s Stinker
  • 119 days Crypto Investors Won Big In 2021
  • 119 days The ‘Metaverse’ Economy Could be Worth $13 Trillion By 2030
  • 120 days Food Prices Are Skyrocketing As Putin’s War Persists
  • 122 days Pentagon Resignations Illustrate Our ‘Commercial’ Defense Dilemma
  • 122 days US Banks Shrug off Nearly $15 Billion In Russian Write-Offs
  • 126 days Cannabis Stocks in Holding Pattern Despite Positive Momentum
  • 127 days Is Musk A Bastion Of Free Speech Or Will His Absolutist Stance Backfire?
  • 127 days Two ETFs That Could Hedge Against Extreme Market Volatility
  • 129 days Are NFTs About To Take Over Gaming?
  • 129 days Europe’s Economy Is On The Brink As Putin’s War Escalates
  • 132 days What’s Causing Inflation In The United States?
  • 134 days Intel Joins Russian Exodus as Chip Shortage Digs In
  1. Home
  2. Tech
  3. Tech News

Thousands Of Companies Hit In Latest Ransomware Attack

Thousands Of Companies Hit In Latest Ransomware Attack

Just a couple of weeks after the Biden-Putin “cyber summit,” where the two leaders discussed increasing cyberattacks, nearly all which have been blamed on Russia, thousands of businesses are being targeted by ransomware attacks 

Reuters reported that last Friday cyber criminals hijacked VSA software used by Florida-based IT firm Kaseya, which provides IT services to small- and medium-sized businesses.

A Russia-linked hacker group REvil is suspected of having infected thousands of victims in at least 17 countries, with the typical MO being to gain access through big firms that remotely manage IT infrastructure for companies. The hackers have demanded $70 million in bitcoin to restore data being held for ransom.

This gives them a double play: They are asking Kaseya for the lump sum of $70M, and the backup plan is to offer Kaseye’s clients, individually, for anything between $45,000 and $5M, depending on the size of the business. 

Schools, dental practices, architecture firms, plastic surgery centers from Germany, the United States, Netherlands… have all been affected by the attack, even though many have reportedly failed to notify the authorities. 

Swedish grocery chain Coop said it closed the majority of its 800 stores on Sunday due to a software failure with its cash registers.

Several IT companies from Germany and Netherlands have announced that they are the victims of the attack, with several thousand of customers compromised. 

At least 36,000 companies were indirectly impacted but the full impact of the attack won’t be clear for days, particularly as the U.S. has been celebrating the 4th of July. 

U.S. President Joe Biden said the FBI is investigating the attack and vowed to take action if Russia is deemed to be responsible. 

Just two weeks ago, Biden met with Russian President Vladimir Putin in Geneva to discuss taking action against hacking groups.

There was no known progress on those talks. 

Biden said he handed Russian counterpart Putin a list of 16 sectors such as energy, health care and water services that the U.S. insists are out of bounds to attacks. 

"I talked about the proposition that certain critical infrastructure should be off-limits to attack, period — by cyber or any other means," Biden told reporters.  

In the meantime, the Russian government has denied any involvement in the attacks, with Putin saying that most hacking crimes originate in the U.S., not Russia.

U.S. intelligence officials have blamed hackers based in Russia for several attacks on U.S.-based companies.

In March, one of the largest insurance companies in the United States, CNA, was reported to have secretly paid $40 million to regain control of its network after a ransomware attack. 

While the FBI pinned the Colonial Pipeline cyber-attack on DarkSide, an Eastern Europe-based cybercriminal hacking group, CNA said its investigation concluded that the attackers used a new variant called Phoenix CryptoLocker, malware developed by Evil Corp cyber

group. 

As for REvil ransomware group (not to be confused with “Evil Corp” as far as anyone knows for sure), it extorted $11 million from the meat-processor JBS after a Memorial Day attack. In April and March, REvil demanded $50 million from Apple supplier Quanta and computer maker Acer.

Following the Colonial Pipeline attack, Biden signed an Executive Order to improve the nation's cybersecurity and protect federal government networks.

The order lays out a series of new requirements for companies that do business with the federal government, requiring companies to report certain information about cyber breaches. It also establishes a Cybersecurity Safety Review Board to analyze incidents.

Back to homepage

Leave a comment

Leave a comment