A major cyber attack took place last weekend, affecting dozens of companies worldwide.

As a result of the attack, some victims are still unable to access their computer systems.

NU.nl lists the facts.

The attack started at the American software company Kaseya.

This company develops system management software that enables IT administrators to remotely maintain customer computer systems.

How was the attack carried out?

Kaseya says the hackers penetrated through a vulnerability in VSA, one of its management software products.

The program was then used to distribute ransomware to VSA users.

Ransomware encrypts files and systems.

After that, ransom is usually demanded to make them accessible again.

Who is behind the attack?

This is probably the Russian hacker group REvil, which has claimed the attack and is demanding a ransom.

It is not yet clear whether the group is actually behind the attack.

REvil was also responsible for the June cyber attack on meat processor JBS.

That company paid more than 9 million euros in ransom to the hackers.

In the case of Kaseya, the cyber criminals demand 70 million dollars in bitcoin to release the systems of all victims at once.

Which companies were affected by the attack?

In Sweden, supermarket chain Coop had to temporarily close almost all of its 800 stores in the country on Saturday because the hack had paralyzed the cash registers.

The number of affected companies in the US is estimated to be around 200.

The attack also affected Dutch companies, such as customers of ICT company VelzArt in Waardenburg.

According to the

NOS

, the company warned its hundreds of customers on Friday evening not to turn on their systems.

Technical service provider Hoppenbrouwers in Udenhout was also affected.

The company noticed the attack on Friday evening,

AD

writes

.

By acting quickly, the company managed to limit the damage.

The computers were shut down in time, preventing the ransomware from spreading further.

As a precaution, Hoppenbrouwers started cleaning all computers last weekend.

Could the attack have been prevented?

The Dutch Institute for Vulnerability Disclosure (DIVD), a group of ethical hackers, told

Vrij Nederland

on

Sunday

that it was about to

thwart

the attack.

One of the members was hired by a company to test the VSA software. He discovered the weak spot that was eventually exploited by REvil. The DIVD contacted Kaseya's top technical officer so that the leak could be closed via an update. However, the update was not rolled out in time, allowing the attack to take place.

Keywords: