31.8 F
December 8, 2021

White House reaching out with assistance to latest ransomware victims

The White House is reaching out to victims of a wide-ranging ransomware outbreak, officials said on July 4, 2021. (REUTERS/Kacper Pempel/File Photo)

WASHINGTON (Reuters) — The White House said on Sunday it was reaching out to victims of a wide-ranging ransomware outbreak that is centered on a Florida-based information technology company and has had an impact on hundreds of businesses worldwide.

Miami-based Kaseya has said that fewer than 60 of its customers had been “directly affected” by the attack.

But the full impact of the intrusion is still coming into focus, in part because the Kaseya software tool commandeered by the cyber criminals is used by so-called managed service providers, outsourcing shops that other businesses use to handle their back-office IT work, like installing updates.

One cybersecurity executive said his company alone had seen 350 customers attacked.

The White House deputy national security adviser for cyber and emerging technology, Anne Neuberger, said in a statement that the FBI and the Department of Homeland Security’s cyber arm “will reach out to identified victims to provide assistance based upon an assessment of national risk.”

President Joe Biden said on Saturday he directed U.S. intelligence agencies to investigate who was behind the ransomware attack.

Security firm Huntress Labs said on Friday it believed the Russia-linked REvil ransomware gang was to blame for the latest outbreak. Last month, the FBI blamed the same group for paralyzing meat packer JBS SA.

Kaseya said on Sunday that it hired cybersecurity company FireEye Inc to help deal with the fallout of the breach.

“The two biggest regions we’ve seen are USA and Germany,” Ross McKerchar, chief information security officer at Sophos Group Plc, said of the impact from the latest ransomware.

Those affected included schools, small public-sector bodies, travel and leisure organizations, credit unions and accountants, he said.

The rash of German victims may be due to a major provider there having been compromised. Germany’s federal cybersecurity watchdog said on Sunday an unidentified IT service provider that looks after several thousand customers had been hit.

In some cases, chain reactions fed more widespread disruption.

The Swedish Coop grocery store chain had to close hundreds of stores on Saturday because its cash registers are run by Visma Esscom, which manages servers for a number of Swedish businesses and in turn uses Kaseya.

McKerchar said the wave of disruption was another illustration of how difficult it was for modestly sized businesses to beat back increasingly well-funded cyber-criminal gangs.

“Small businesses are outgunned when it comes to cybersecurity,” he said.

(Reporting by Raphael Satter and Trevor Hunnicutt; Additional reporting by Andreas Rinke in Berlin; Editing by Peter Cooney)


Related Stories

Raphael Satter

Trevor Hunnicutt

More stories you may be interested in

Related posts

Tony Bennett reveals he has been diagnosed with Alzheimer's


Utah has dropped its gun permit law: Will it be status quo or the Wild West?


Woman dead after head-on crash on 9400 South in Sandy


Boise County man dies from rabies; Idaho’s first death from virus in 43 years


15 cats, dog found living in deplorable conditions in motor home, police say


Canada to admit vaccinated US tourists after more than 16 months