Its CEO stated that 800 to 1,500 companies around the world have been attacked by ransomware centered on U.S. information technology company Kaseya.
Fred Voccola, the chief executive of the Florida-based company, said in an interview on Monday that it is difficult to estimate the exact impact of Friday’s attacks, because the customers who were hit were mainly Kaseya’s customers. .
Kaseya is a company that provides software tools for IT outsourcing shops: these companies usually handle back-office work for companies that are too small or have limited resources to have their own technical department.
One of these tools was compromised on Friday, allowing hackers to paralyze hundreds of businesses on five continents. Although most of the people affected have minor problems—such as dentist offices or accountants—in Sweden, hundreds of supermarkets had to close because cash registers were not working, or in New Zealand, schools and kindergartens were offline.
The hackers claiming to be responsible for the violations demanded $70 million to restore the data of all affected companies, even though they expressed their willingness to ease their demands in private conversations with cybersecurity experts and Reuters.
“We are ready to negotiate at any time,” a hacker representative told Reuters earlier on Monday. The representatives who spoke through the chat interface on the hacker website did not provide their names.
Wakora declined to say whether he was prepared to accept the hacker’s offer.
“I can’t comment on’yes’,’no’ or’maybe’,” he said when asked if his company would talk to hackers or pay. “Do not comment on anything related to negotiations with terrorists in any way.”
As ransomware attacks become more destructive and profitable, the topic of ransom payment becomes more and more worrying.
Wakora said he had talked with officials from the White House, the FBI and the Department of Homeland Security about the violations, but declined to disclose what they told him about the payment or negotiations.
Exploited by hackers
On Sunday, the White House said it was checking whether there is any “national risk” in the ransomware outbreak, but Wakora said that so far, he has no knowledge of any important national organizations being attacked.
“We don’t consider large-scale critical infrastructure,” he said. “That’s not our business. We don’t run AT&T’s network or Verizon’s 911 system. There is no such thing.”
Since Voccola’s company is repairing vulnerabilities in software used by hackers when performing ransomware attacks, some information security professionals speculate that hackers may have been monitoring their company’s communications from the inside.
Wakora said neither he nor the investigators brought by his company saw any signs.
“We don’t believe they are in our network,” he said. He added that “once it is’safe’ and it can be done”, the details of the violation will be made public.
Some experts believe that the full consequences of the hacking will be the focus on Tuesday, when Americans will return from the July 4th holiday weekend. Outside the United States, the most significant disruptions occurred in Sweden—hundreds of Coop supermarkets had to close because cash registers were unavailable—and New Zealand, where 11 schools and several kindergartens were affected.
One million machines were compromised
In conversations with Reuters, the hacker representative described the New Zealand outage as an “accidental”.
But they did not regret the interruption in Sweden.
The representative said that the closure of the supermarket “is just a business.”
According to research published by the network security company ESET, about a dozen organizations in different countries have been affected to some extent.
Mark Loman, director of engineering at the network security company Sophos, said the hacker REvil ransomware claimed that 1 million machines were compromised.
“Depending on the size of your business and whether you have a backup, you may need several weeks to restore everything, and because supermarkets in Sweden are affected, they may lose a lot of food and income,” he said.
Although many Coop stores are still closed on Monday, some stores have opened and allow customers to pay using an app called “Scan and Pay”.
Anders Nilsson, CTO of ESET Nordics, said: “I don’t think we’ve seen anything on such a large scale before.” “This is the first time we have seen a grocery store unable to process payments, which shows that we How fragile it is.”