Cyberattack on Kaseya Company: Hackers Claim $ 70 Million
On the note we can read: “Temporarily closed.
We have a computer problem and our systems are not working, ”displayed in the window of a closed Coop supermarket in Stockholm, Sweden.
AP - Ali Lorestani
Text by: RFI Follow
4 min
In Sweden, this Monday, most Coop supermarkets remain closed.
Coop Sweden is one of the many companies indirectly affected 3 days ago by the massive cyberattack against the American company Kaseya.
A message posted on the dark web puts on the trail of a group of hackers.
The REvil group reportedly demanded a large ransom.
Publicity
Read more
The hacker group REvil (aka Sodinokibi) demanded $ 70 million in bitcoins, or € 59 million, to return the data.
Information partially confirmed by Kaseya.
One of his officials assured to be aware of the request without giving further details.
The hackers promise in exchange to disseminate "
publicly a decryptor
" valid for the "
files of all victims, so that everyone can recover from the attack in less than an hour
" after payment of the ransom (attack known as ransomware or "ransomware").
Kaseya, entry point for the cyberattack?
Based in Miami, Kaseya sells IT tools to businesses, including software for managing networks of servers, computers and printers from a single source. It claims more than 40,000 customers in more than 20 countries around the world. The precise number of these victims has not been released.
Kaseya
assured Friday that less than 40 of its customers had been affected. But the latter themselves provide services to other companies. The effect of the attack was therefore multiplied: more than 1,000 companies could have been affected according to the computer security company Huntress Labs.
The FBI has opened an investigation and is working with the US Cybersecurity and Infrastructure Security Agency (CISA) and other agencies "to
understand the scale of the threat
."
The scale is such in any case that the FBI warned that it could not respond to all the victims individually.
The Federal Bureau of Investigation nevertheless encourages them to make a report.
► To read also: In Sweden, 800 supermarkets closed after a giant cyberattack in the United States
REvil itself claims a million compromised computer workstations in a post published on the darkweb.
It has already been cited in a previous computer attack.
The American subsidiary of
Brazilian JBS
had paid the ransom of 11 million dollars claimed last month.
Ransomware, cyber hackers' favorite weapon
This type of extortion involves keeping data from one company hostage and crippling thousands of others around the world.
This attack model, which is also called double extortion, has become the preferred weapon of cyber hackers, explains Damien Bancal, journalist expert in cybercrime and author of the Zataz website.
If you're a company that provides software that other partners use, then sorry, but that's bread for the hacker.
It has a front door and this front door is a bit like: "All roads lead to Rome".
Damien Bancal, expert journalist in cybercrime
Dominique desaunay
Newsletter
Receive all international news directly in your mailbox
I subscribe
Follow all the international news by downloading the RFI application
google-play-badge_FR
Sweden
Cybercriminality
United States