The biggest ransomware attack on record has hit the IT systems of up to 1 million companies on practically every continent as Russian-linked hackers demand $70 million in cryptocurrency to fix it.
Swedish grocery stores, schools in New Zealand, and two major Dutch IT firms were amongst the victims of hacking group REvil, which began its attack on Friday after breaching the systems of US-based software firm Kaseya.
Kaseya says only several dozen of its customers were directly affected by the attack, but that knock-on effects had taken down firms in 17 countries, with one expert saying the attack was unprecedented in its scale and sophistication.
REvil, which was behind the recent hack of meat processor JBS which saw an $11 million ransom paid, has been negotiating ransoms of up to $5 million with specific firms, but now says for $70 million it will unlock all affected networks.
Joe Biden, who last month urged President Putin to take action against hacking groups targeting the US from Russia, said the FBI is investigating the latest hack and he will take action if Moscow was believed to be responsible.
Analysts said it’s no fluke that the attack coincided with the July 4 holiday weekend, when companies would be understaffed and less able to respond.
Ciaran Martin, the founder of the UK’s National Cyber Security Centre, told Radio 4 that the scale and sophistication of this global crime was unusual, if not unprecedented, and that it was a very serious, global operation.
Swedish grocery chain Coop was forced to close all 800 of its stores on Sunday and said they would remain shut on Monday after its tills were affected.
The country’s national rail operator and public broadcaster SVT were also affected.
In Germany, an unnamed IT services company told authorities several thousand of its customers were compromised.
Also amongst reported victims were two big Dutch IT services companies, VelzArt and Hoppenbrouwer Techniek, but most victims are thought to be small to medium-sized firms (car dealerships, hair salons and accounting firms, amongst others) that are unlikely to openly declare they’ve been infected.
Cybersecurity teams worked feverishly on Sunday to stem the impact of the single biggest global ransomware attack on record, with some details surfacing about how the Russia-linked gang responsible breached the company whose software was the conduit.
Cybersecurity researchers said that an affiliate of the notorious REvil gang, best known for extorting $11 million from the meat processor JBS after a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, mostly through firms that remotely manage IT infrastructure for multiple customers.
The thing is, hackers look for businesses with antiquated, bargain-basement security software for these attacks. This is why you never see them hacking into banking systems, because the banks recognise the importance of having top-quality software security, and if we blame the hackers, it will only make them proud.
And it’s not only antiquated software that creates the problem. It takes time to run backups, and large companies can lose many times the ransom demand in the time it takes to get back up and running, not to mention the loss of customer confidence.
But I guess the days of people using their brains, a biro and a calculator to serve customers are gone, and all empires rise and fall; sadly, America is falling very quickly.
On January 27, 1838, Abraham Lincoln spoke before the Young Men’s Lyceum of Springfield, Illinois, about the continuation of their political institutions.
During that address, he said: “At what point then is the approach of danger to be expected? I answer, if it ever reaches us, it must spring up amongst us. It cannot come from abroad. If destruction is our lot, we must ourselves be its author and finisher. As a nation of freemen, we must live through all time, or die by suicide.”