Washington – According to experts, a cyber attack on the IT company Kaseya from the USA could have hit more than a thousand companies. The Kaseya software was manipulated by an extortion program “to encrypt more than a thousand companies,” said the cybersecurity consulting firm Huntress Labs on Saturday.
Among other things, the Swedish supermarket chain Coop was affected, which had to temporarily close 800 branches due to non-functioning checkouts.
Cyber attack occurred on US Independence Day
The cyber attack occurred before the weekend that the United States celebrates Independence Day. The IT company Kaseya confirmed the cyber attack on Friday and assured them that the attack had been contained, so that only “a very small percentage” of the customers who used the so-called VSA network from Kaseya were affected. These are “estimated to be less than 40 worldwide”.
In attacks with ransomware, hackers lock or encrypt the computer systems of their victims in order to extort ransom money (in English ransomware) from the users for the release.
According to its own information, Kaseya is a leading provider of information technology and IT security for small and medium-sized companies. The VSA software enables companies to control all of their computers and printers from a single workstation. Kaseya’s US headquarters are in Florida, and its international headquarters are in Ireland.
“We are in the process of investigating the actual cause of the incident with a high degree of caution,” said Kaseya, initially in a forum of the online service Reddit. The company asked its customers to shut down their so-called VSA server immediately “until you receive further information from us”. The US cybersecurity agency (CISA) also announced that it is investigating the incident.
Coop Sweden said on Saturday that one of its subcontractors was “the target of a digital attack and that is why our tills are no longer working”. The group hopes to get the problem under control quickly and to be able to reopen the branches.
The supermarket chain did not provide any further details about the cyber attack. Coop Sweden did not disclose the name of the subcontractor concerned or the method by which the company was hacked. However, the Swedish subsidiary of the software company Visma announced that the problem was related to a major cyber attack on the IT company Kaseya on Friday.
Most recently, there were several cyber attacks on US companies. In May, the colonial oil pipeline in the USA and the US subsidiary of the world’s largest meat producer JBS fell victim to cyberattacks with ransomware. Last year, hackers gained access to the systems of ministries, authorities and companies using software from the American IT company SolarWinds.
According to the New Zealand government’s computer emergency team, a hacker group called REvil was behind the cyber attack on Kaseya. According to the US Federal Police FBI, REvil was also responsible for the cyber attack on JBS. The UN Security Council held its first meeting this week on cybersecurity and the growing threat to countries’ infrastructures from hacking.
.