Hackers Hit Miami-Based IT Software Company In One Of The World's Largest Ransomware Attacks
MIAMI (CBSMiami) – The FBI is investigating what may become one of the world's largest ransomware attacks.
A Russia-based cybercriminal group called "REvil" is demanding a $70-million ransom. The attack affects hundreds of businesses, including financial service firms and a European grocery chain.
Hackers hit Miami-based IT software company Kaseya on Friday. They infected some of its customers that rely on the network management system.
That included Swedish grocery chain Coop, which closed most of its 800 stores for a second day Sunday because their cash register software shut down.
"Lots of criminal organizations are finding out that they can get paid millions of dollars to disrupt our economy," said Jason Crabtree, chief executive officer of QOMPLX. "If you compromise Kaseya, you can then take over the Kaseya infrastructure to help broadcast ransomware to all of those unwitting victims."
After recent ransomware breaches at Colonial Pipeline and JBS, a major meat processor, Homeland Security warned in a recent intelligence report, which was obtained by CBS News, that ransomware attacks "are likely to increase in the near and long term."
"These are largely Russian-affiliated entities. These organizations are able to operate with relative impunity because there's not really any enforcement from the Russian state," said Crabtree.
In a statement, Kaseya said, "Customer teams continue to work around the clock...to resolve the issue and restore our customers to service."
Cybersecurity experts say launching the attack on a holiday weekend allowed cybercriminals to burrow into networks. They expect more victims to come forward when businesses fully reopen Tuesday.