Hundreds of US companies were hit by Colossal attacks before the July 4 holiday weekend, according to cybersecurity firm Huntress Labs.
Huntress Labs said Friday that 200 US companies affected by the incident at Miami-based IT firm Kaseya, which is likely the latest in a series of hacks to destabilize US companies.
“This is a colossal and devastating attack on the supply chain,” John Hammond. He is a senior security researcher at Huntress, said in an email. He citing an increasingly popular hacking technique for hijacking software to harm hundreds or thousands of users.
Hammond on Colossal Cyber Attack
Hammond adds that if Kaseya involve in everything from large to small businesses. He “has the potential to grow to any size and scale.”
In a statement posted on its own website, Kaseya said it was investigating “potential attacks” on VSA. A tool widely used to reach corporate networks in the US.
In a statement, Kaseya said the tool offered to monitor and manage servers, desktops, network devices and printers and may have attacked. Such attacks can be very dangerous, said Chris Grove, a security expert at cybersecurity firm Nozomi Networks.
“Once a breach occurs, victims usually reach for these tools to get out of a bad situation. But when the tools themselves are problematic or inaccessible. It adds complexity to recovery efforts,” he said.
After the incident, Kaseya said that “a small number of local customers” may affected. The company said it shut down some of its infrastructure. Company asked customers using their on-premises tools to shut down their servers immediately.
Casey asked for comment and referred the Guardian for a statement on its website.
Huntress on Colossal attacks
Huntress said, “she believes Russia’s REvil-linked ransomware gang. The same group of actors accused by the FBI of crippling JBS meat packs last month – was behind the latest ransomware outbreak.”
An email sent by Reuters to the hacker asking for comment not immediately reply to. In a statement, the US Cyber Security and Infrastructure Agency said it was “taking steps to understand and address recent supply chain ransomware attacks” on Kaseya’s VSA products.
Supply chain attacks have crept to the top of the cybersecurity agenda after hackers, allegedly working on orders from the Russian government, manipulated by network monitoring tools from Texas software company Solar Winds.
Ransomware attack incidents have exploded over the past year. It helped by the ease of paying with the advent of cryptocurrencies and the rise of work from home. It will making computers more vulnerable.
Kaseya has 40,000 customers for its products, although not all use the affected tools.