Casey called for a cyber-attack on Saturday Complicated, Ensuring that it is disconnected To very few customers.

A long weekend

On Friday evening, the company explained that the afternoon was likely to happen on VSA Software on the American East Coast, just before the extension of a public holiday on Monday.

The company believed then Less than 40 users worldwide Affected.

But the second is providing services to other companies.

Says a company that specializes in computer security Huntress Labs, More than a thousand companies This ransomware is infected.

Based in Miami, Casey offers IT tools to small and medium-sized businesses, including a VSA tool for managing their servers, computers, and printers from a single source. It claims more than 40,000 customers.

US Agency for Cyber ​​Security and Infrastructure Security (CISA) Monitor the situation closely, Said Eric Goldstein, who is responsible for cybersecurity in the organization.

We work with Casey to coordinate with the FBI to reach out to victims., He added in a message sent to AFP.

Frequent attacks

Ransomware attacks have been on the rise, with attacks affecting large companies such as meat giant JBS, oil pipeline operator Colonial Pipeline, local communities, companies and hospitals in recent months.

Many experts believe that the hackers behind this attack are often Russia-centric. Moscow, which suspects that their activities are being covered up or linked, denies the intervention.

This phenomenon was one of the key issues raised by US President Joe Biden during a meeting with Russian rival Vladimir Putin in mid – June.

Joe Biden, who ordered the investigation, claimed it The first thought is not about the Russian government, but we are not sure yet.

The latest ransomware attack affecting hundreds of businesses is a call to the US government to crack down on these foreign cyber criminals.Divided Christopher Roberti, who is in charge of cyber security in the American Chamber of Commerce.

The logic of the robbery

The nature of the attack is similar to that used with the publisher of IT management software Solar WindsThis affected government agencies and American businesses by the end of 2020.

But in general Cybercriminals operate according to business, Recalls Jerome Billois, a cybersecurity expert at consulting firm Wavestone.

In this case, they attacked a company that provides computer system management software, allowing it to reach several dozen or even hundreds of companies at once., He explains.

Determining the exact number is complicated because in such a situation, the affected companies will lose their means of communication, Mr. Billois added. Casey, who asked customers to shut down all of their systems, could not say whether their system had been shut down. Mentally ingly pre- or by force, He explains.

Accordingly Huntress Labs, It is an affiliate of the Digital Buckwheat Group, based on the methods used, ransomware notes, and the Internet address provided by the hackers. Swear Or Sodinokibi This will be the origin of the infiltration.

The FBI has blamed the group for a cyber attack on JBS in late May.

The attack began on Friday One of the most important and expansive I have ever seen in my career, Says Alfred Saikali of Hardy & Bacon, a law firm used to handle such situations.

It is generally recommended not to pay a ransom, he says. But sometimes, especially when data cannot be saved, There is no other way, He agrees.

If several companies choose to pay, there is no guarantee that it is a hacker group Ability to handle conversations simultaneously, Mr. Callo also comments.

If they have to stand in line for discussions, the time lost can be very costly..