Up to 1,500 Businesses Affected by Ransomware Attack, US Firm’s CEO Says
According to Kaseya’s chief executive, ransomware attacks have affected between 800 and 1,500 businesses worldwide.
Fred Voccola (the CEO of the Florida-based company) stated in an interview that Friday’s attack had a hard impact because the victims were mostly Kaseya customers.
Kaseya offers software tools to IT outsourcing companies: these companies typically handle back-office work in companies with too little or inadequate resources to have their own tech departments.
One of these tools was compromised Friday by hackers, allowing them to paralyze hundreds upon hundreds of businesses across five continents. While most of the affected were small issues such as accountants or dentists, the disruption was felt more strongly in Sweden where hundreds of supermarkets were forced to close due to inoperative cash registers. In New Zealand, schools and kindergartens were also shut down.
Although they demanded $70million to restore all affected businesses’ data, hackers who claimed to be responsible for the breach have indicated a willingness and ability to compromise their demands in private conversations both with Reuters and with a cybersecurity expert.
“We are always willing to negotiate,” a representative from the hackers said to Reuters earlier Monday. The representative spoke to Reuters via a chat interface from the hackers’ website but didn’t give their name.
Voccola declined to answer whether he was willing to accept the offer from the hackers.
When asked if his company would pay hackers or talk to them, he replied “I can’t comment yes or no.” “No comment about negotiating with terrorists in any way.”
Voccola stated that he spoke to the FBI, White House, and Department of Homeland Security officials about the breach. However, he did not know of any national-important businesses being affected.
He said, “We are not looking at massive critical infrastructure.” It’s not our business. We are not responsible for AT&T’s network and Verizon’s 911 system. There’s nothing like that.
Voccola’s company was fixing a flaw in the software when the hackers attacked. Information security professionals speculate that the hackers may have been watching his communications from inside.
Voccola stated that neither he nor his investigators had seen any signs of it.
He stated that “we don’t believe they were in our networks.” He said that details of the breach would be publicized “once it’s safe and okay to do so.”