AGL 40.00 No Change ▼ 0.00 (0%)
AIRLINK 129.00 Decreased By ▼ -0.53 (-0.41%)
BOP 6.76 Increased By ▲ 0.08 (1.2%)
CNERGY 4.50 Decreased By ▼ -0.13 (-2.81%)
DCL 8.70 Decreased By ▼ -0.24 (-2.68%)
DFML 41.00 Decreased By ▼ -0.69 (-1.66%)
DGKC 81.30 Decreased By ▼ -2.47 (-2.95%)
FCCL 32.68 Decreased By ▼ -0.09 (-0.27%)
FFBL 74.25 Decreased By ▼ -1.22 (-1.62%)
FFL 11.75 Increased By ▲ 0.28 (2.44%)
HUBC 110.03 Decreased By ▼ -0.52 (-0.47%)
HUMNL 13.80 Decreased By ▼ -0.76 (-5.22%)
KEL 5.29 Decreased By ▼ -0.10 (-1.86%)
KOSM 7.63 Decreased By ▼ -0.77 (-9.17%)
MLCF 38.35 Decreased By ▼ -1.44 (-3.62%)
NBP 63.70 Increased By ▲ 3.41 (5.66%)
OGDC 194.88 Decreased By ▼ -4.78 (-2.39%)
PAEL 25.75 Decreased By ▼ -0.90 (-3.38%)
PIBTL 7.37 Decreased By ▼ -0.29 (-3.79%)
PPL 155.74 Decreased By ▼ -2.18 (-1.38%)
PRL 25.70 Decreased By ▼ -1.03 (-3.85%)
PTC 17.56 Decreased By ▼ -0.90 (-4.88%)
SEARL 78.71 Decreased By ▼ -3.73 (-4.52%)
TELE 7.88 Decreased By ▼ -0.43 (-5.17%)
TOMCL 33.61 Decreased By ▼ -0.90 (-2.61%)
TPLP 8.41 Decreased By ▼ -0.65 (-7.17%)
TREET 16.26 Decreased By ▼ -1.21 (-6.93%)
TRG 58.60 Decreased By ▼ -2.72 (-4.44%)
UNITY 27.51 Increased By ▲ 0.08 (0.29%)
WTL 1.41 Increased By ▲ 0.03 (2.17%)
BR100 10,450 Increased By 43.4 (0.42%)
BR30 31,209 Decreased By -504.2 (-1.59%)
KSE100 97,798 Increased By 469.8 (0.48%)
KSE30 30,481 Increased By 288.3 (0.95%)

SAN FRANCISCO: A ransomware attack on a US IT company potentially targeted 1,000 businesses, researchers said Saturday, with one of Sweden's biggest supermarket chains revealing it had to temporarily close around 800 stores after losing access to its checkouts.

Kaseya said Friday evening it had limited the attack to "a very small percentage of our customers" who use its signature VSA software -- "currently estimated at fewer than 40 worldwide."

Cybersecurity firm Huntress Labs said in a Reddit forum, however, that it was working with partners targeted in the attack, and that the software was manipulated "to encrypt more than 1,000 companies."

Ransomware attacks typically involve locking away data in systems using encryption, making companies pay to regain access.

Kaseya describes itself as a leading provider of IT and security management services to small and medium-sized businesses.

VSA, the company's flagship offering, is designed to let companies manage networks of computers and printers from a single point.

"One of our subcontractors was hit by a digital attack, and that's why our checkouts aren't working any more," Coop Sweden, which accounts for around 20 percent of the country's supermarket sector, said in a statement.

"We regret the situation and will do all we can to reopen swiftly," the cooperative added.

Coop Sweden did not name the subcontractor or reveal the hacking method used against it.

But the Swedish subsidiary of the Visma software group said the problem was linked to the Kaseya attack. Kaseya became aware of a possible incident with VSA at midday Friday on the US East Coast and "immediately shut down" its servers as a "precautionary measure," it said. It also "immediately notified our on-premises customers via email, in-product notes, and phone to shut down their VSA servers to prevent them from being compromised." "We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it," the company said in a statement. According to the New Zealand government's Computer Emergency Response Team, the attackers were from a hacking group known as REvil.

REvil was also, according to the FBI, behind last month's attack on JBS, one of the world's biggest meat processors, which ended with the Brazil-based company paying bitcoin worth $11 million to the hackers. The US Cybersecurity and Infrastructure Security Agency (CISA) put out word that it was "taking action to understand and address the recent supply-chain ransomware attack" against Kaseya VSA and the service providers using its software. CISA is "closely monitoring the situation," said Eric Goldstein, the agency's cybersecurity manager. "We are working with Kaseya and coordinating with the FBI to conduct outreach to victims who may be affected," he added in a message sent to AFP.

Kaseya lists a US headquarters in Florida and an international headquarters in Ireland.

The UN Security Council this week held its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure -- an issue US President Joe Biden recently raised with Russian counterpart Vladimir Putin.

Several Security Council members acknowledged the grave dangers posed by cybercrime, notably ransomware attacks on key installations and companies.

Comments

Comments are closed.