• 1 day Ireland Balks At Biden’s Global Tax Plan
  • 4 days Robinhood To Trade On Nasdaq Targeting $32B Valuation
  • 8 days Facial Recognition Is Watching You
  • 9 days Biden’s $3.5T ‘Human Infrastructure’ Workaround
  • 9 days The Fed’s $3 Trillion Headache
  • 12 days Why Bitcoin Could Struggle To Recover After Epic Crash
  • 12 days Wells Fargo Back In The Spotlight Over Personal Loan Cancellations
  • 13 days Delta Variant Real Threat To Economic Recovery
  • 16 days JEDI Drama Continues With Microsoft Contract Cut
  • 18 days DiDi Shares Take a Beating From Chinese Regulators
  • 19 days Thousands Of Companies Hit In Latest Ransomware Attack
  • 19 days Jobs Report Has Big Numbers, But Still Big Problems
  • 20 days Robinhood’s ‘Mission’ Questioned in $70M Fine
  • 23 days Didi Just Went Public, And Uber Is Loving It
  • 24 days Islamic Finance On Track To Hit $3.7 Trillion
  • 25 days The Lumber Bubble Is Bursting
  • 29 days A New Entry In The Two Trillion Dollar Club
  • 29 days 3 Upcoming IPOs To Watch As IPO Market Rebounds
  • 31 days Welcome To The Used Car Bonanza
  • 32 days The Year Of The Retail Investor Keeps Getting Bigger
  1. Home
  2. Tech
  3. Tech News

Thousands Of Companies Hit In Latest Ransomware Attack

Thousands Of Companies Hit In Latest Ransomware Attack

Just a couple of weeks after the Biden-Putin “cyber summit,” where the two leaders discussed increasing cyberattacks, nearly all which have been blamed on Russia, thousands of businesses are being targeted by ransomware attacks 

Reuters reported that last Friday cyber criminals hijacked VSA software used by Florida-based IT firm Kaseya, which provides IT services to small- and medium-sized businesses.

A Russia-linked hacker group REvil is suspected of having infected thousands of victims in at least 17 countries, with the typical MO being to gain access through big firms that remotely manage IT infrastructure for companies. The hackers have demanded $70 million in bitcoin to restore data being held for ransom.

This gives them a double play: They are asking Kaseya for the lump sum of $70M, and the backup plan is to offer Kaseye’s clients, individually, for anything between $45,000 and $5M, depending on the size of the business. 

Schools, dental practices, architecture firms, plastic surgery centers from Germany, the United States, Netherlands… have all been affected by the attack, even though many have reportedly failed to notify the authorities. 

Swedish grocery chain Coop said it closed the majority of its 800 stores on Sunday due to a software failure with its cash registers.

Several IT companies from Germany and Netherlands have announced that they are the victims of the attack, with several thousand of customers compromised. 

At least 36,000 companies were indirectly impacted but the full impact of the attack won’t be clear for days, particularly as the U.S. has been celebrating the 4th of July. 

U.S. President Joe Biden said the FBI is investigating the attack and vowed to take action if Russia is deemed to be responsible. 

Just two weeks ago, Biden met with Russian President Vladimir Putin in Geneva to discuss taking action against hacking groups.

There was no known progress on those talks. 

Biden said he handed Russian counterpart Putin a list of 16 sectors such as energy, health care and water services that the U.S. insists are out of bounds to attacks. 

"I talked about the proposition that certain critical infrastructure should be off-limits to attack, period — by cyber or any other means," Biden told reporters.  

In the meantime, the Russian government has denied any involvement in the attacks, with Putin saying that most hacking crimes originate in the U.S., not Russia.

U.S. intelligence officials have blamed hackers based in Russia for several attacks on U.S.-based companies.

In March, one of the largest insurance companies in the United States, CNA, was reported to have secretly paid $40 million to regain control of its network after a ransomware attack. 

While the FBI pinned the Colonial Pipeline cyber-attack on DarkSide, an Eastern Europe-based cybercriminal hacking group, CNA said its investigation concluded that the attackers used a new variant called Phoenix CryptoLocker, malware developed by Evil Corp cyber

group. 

As for REvil ransomware group (not to be confused with “Evil Corp” as far as anyone knows for sure), it extorted $11 million from the meat-processor JBS after a Memorial Day attack. In April and March, REvil demanded $50 million from Apple supplier Quanta and computer maker Acer.

Following the Colonial Pipeline attack, Biden signed an Executive Order to improve the nation's cybersecurity and protect federal government networks.

The order lays out a series of new requirements for companies that do business with the federal government, requiring companies to report certain information about cyber breaches. It also establishes a Cybersecurity Safety Review Board to analyze incidents.

Back to homepage

Leave a comment

Leave a comment