Might not be able to respond to all Kaseya ransomware attack victims: FBI

#Crime #CyberCrime #CyberSecurity

Hackers hit Kaseya, a firm that provides IT services to companies, on Friday
FBI has opened an investigation "to understand the scope of the threat"
FBI may be unable to respond to each victim individually

Written By:

Updated: July 04 2021 12:34:19 PM ET Washington D.C., DC, USA

Two days after a ransomware attack against a US IT company rocked the country, the Federal Bureau of Investigation said Sunday the large scale of the incident might mean the investigators won’t be able to respond to each victim individually.

In a statement, the FBI said, “Although the scale of this incident may make it so that we are unable to respond to each victim individually, all information we receive will be useful in countering this threat,” the FBI statement said.

The hackers hit Kaseya, a firm that provides IT services to other companies, with a ransomware attack that could have targeted as many as 1,000 other businesses on Friday, just before the long holiday July 4 weekend in the United States.

However, Kaseya said on Friday evening that only a very small percentage of our customers who use its signature VSA software — currently estimated at fewer than 40 worldwide were affected.

Also read: Hackers use Crackonosh malware to dupe gamers, earn crypto-money

VSA is designed to let companies manage networks of computers and printers from a single point.

Meanwhile, the FBI said it had opened an investigation along with the Cybersecurity and Infrastructure Security Agency and other US federal agencies “to understand the scope of the threat.”

“If you believe your systems have been compromised, we encourage you to employ all recommended mitigations, follow Kaseya’s guidance to shut down your VSA servers immediately and report to the FBI,” the bureau said in a statement Sunday, according to AFP reports.

While Joe Biden has ordered an investigation, he is “not sure yet” whether the assault had come from Russia, the US President on Saturday.

Recently, the United States has been plagued by a string of ransomware attacks — including the computer group SolarWinds and the Colonial oil pipeline.

Most of those attacks have been traced back to hackers based in Russian territory by the FBI. In a meet, Biden too raised the threat in talks with Russian counterpart Vladimir Putin.

Kaseya said in a new statement Sunday that they were working “around the clock in all geographies” to get their systems working again, according to AFP inputs.

Also read: What is Joker virus, the malware that sneaks into Android devices via apps?

The company hopes to get a restricted version of its platform running again within days.

The disruption forced Swedish supermarket chain Coop Sweden to close on Saturday because their cash register system had been taken down in the attack.