Some 200 companies have been the target of cyber attacks in the US. The assault consists of disabling the system and then asking for a ransom to unlock it.
About 200 companies were the target of an extortionate cyberattack through the management software of the American Kaseya , has reported the information security company Huntress Labs.
“We are investigating a possible attack on the VSA (software) that appears to have been limited to a small number of our customers on the site,” Kaseya noted on its website, adding that it shut down some servers “out of caution.” The group, which said it was “investigating the source of the problem,” also asked all of its customers running its software to shut down the servers that host it.
The US Agency for Cyber Security and Infrastructure (CISA) said on its own website that it was taking steps “to understand and address the recent ransomware attack ” against Kaseya’s VSA program and multiple service providers. The ransomware exploit security holes in a company or individual to lock their computer systems, demanding a ransom to unlock them .
According to Huntress Labs, “around 200 companies” were targeted by the hackers, without the group specifying their size or sector of activity. “According to the computer models, the ransomware notes and the TOR URL (the Internet address used) we firmly believe” that a member of the group of hackers known as Revel or Sodinokibi “is at the origin of these intrusions”, Huntress Labs said in a message posted on the Reddit forum.
In early June, the FBI blamed this group of hackers for the computer attack on the global meat giant JBS, which paralyzed its activities in North America and Australia for several days.
The United States has been hit in recent months by a wave of cyber attacks on large companies such as JBS and pipeline operator Colonial Pipeline, as well as local communities and hospitals.
Many of these attacks were attributed to Russian-based hacker groups that would operate with at least the tacit approval of the Kremlin.