Its chief executive said on Monday that 800 to 1,500 companies around the world have been attacked by ransomware centered on U.S. information technology company Kaseya.
Fred Voccola, the chief executive of the Florida-based company, said in an interview that it is difficult to estimate the exact impact of Friday’s attacks because these attacks are mainly customers of Kaseya’s customers.
Kaseya is a company that provides software tools for IT outsourcing stores: these companies usually handle back-office work for companies that are too small or have limited resources to have their own technical department.
One of these tools was compromised on Friday, allowing hackers to paralyze hundreds of businesses on five continents. Although most of the people affected have minor problems—such as dentists’ offices or accountants—in Sweden, hundreds of supermarkets had to close because cash registers were not working, or in New Zealand, schools and kindergartens were offline.
The hackers claiming to be responsible for the violations demanded US$70 million (approximately 5.2 billion rupees) to restore the data of all affected companies, even though they expressed their willingness to ease their demands in private conversations with cybersecurity experts and Reuters.
“We are ready to negotiate at any time,” a hacker representative told Reuters earlier on Monday. The representatives who spoke through the chat interface on the hacker website did not provide their names.
Wakora declined to say whether he was prepared to accept the hacker’s offer.
When asked whether his company would talk to hackers or pay compensation, he said: “I can’t comment on’yes’,’no’ or’maybe’.” “No comment on anything related to negotiations with terrorists in any way anything.”
As ransomware attacks become more destructive and profitable, the topic of ransom payment has become more and more worrying.
Wakora said he had talked with officials from the White House, the FBI and the Department of Homeland Security about the violations, but declined to disclose what they told him about the payment or negotiations.
On Sunday, the White House said it was checking whether there is any “country risk” in the ransomware outbreak, but Wakora said-so far-that he is not aware of any important national organizations being attacked.
“We don’t consider large-scale critical infrastructure,” he said. “That’s not our business. We don’t run AT&T’s network or Verizon’s 911 system. Nothing like that.”
Since Voccola’s company is repairing vulnerabilities in software used by hackers when performing ransomware attacks, some information security professionals speculate that hackers may have been monitoring their company’s communications from the inside.
Wakora said neither he nor the investigators brought by his company saw any signs.
“We don’t believe they are in our network,” he said. He added that “once it is’safe’ and can do so”, the details of the violation will be made public.
Some experts believe that the full consequences of this hack will be the focus on Tuesday, when Americans will return from the July 4th holiday weekend. Outside the United States, the most significant disruptions occurred in Sweden—hundreds of Coop supermarkets had to close because cash registers were not working—and New Zealand, where 11 schools and several kindergartens were affected.
In conversations with Reuters, the hacker representative described the New Zealand outage as an “accidental”.
But they did not regret the interruption in Sweden.
The representative said that the closure of the supermarket “is just a business.”
According to research published by the network security company ESET, about a dozen organizations in different countries have been affected to some extent.
© Thomson Reuters 2021