Russian hackers breach 200 businesses with ransomware

Russian hackers have hit at least 200 companies in one of the largest supply chain ransomware attacks to date, according to cyber security group Huntress Labs Inc.

The hackers breached suppliers of IT management software and used that access to compromise the businesses that rely on their technology.

According to Huntress Labs, the perpetrator is REvil, the Russian group that recently hacked into beef supplier JBS’s computer systems.  

This is the latest example of hackers getting into IT supply chains in order to compromise a larger number of victims through their client list. In 2020, Russian state-backed hackers attacked the SolarWinds IT software group and gained access to the email networks of US federal agencies and corporations.

Kaseya, one of the affected IT service providers, estimates that around 40 of its 36,000 direct customers might have been affected by the attacks. It advised customers using the compromised “VSA server” tool, which provides remote monitoring and patching capabilities, to shut it down immediately. “We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it for our on-premises customers that will be tested thoroughly,” the company added.

Meanwhile, Huntress said that it was aware of at least eight compromised cloud service providers, resulting in around 200 businesses falling victim to the ransomware attacks. The attack could be much larger, as the total number of compromised cloud service clients has not been determined.

Two of the affected managed service providers are Synnex Corp. and Avtex LLC. Avtex president George Demou told Bloomberg News that “Hundreds of MSPs have been impacted by what appears to be a Global Supply Chain hack.” “We are working with those customers who have been impacted to help them recover,” he added.

Allan Liska of Recorded Future’s computer security incident response team said that small and medium businesses seek IT support from these service providers. The attacks highlight the risk of relying on third parties for system support.

“We’ve essentially handed over too much trust so that if something happens to them, it becomes a catastrophic event for your organisation through no fault of your own,” Liska said.

The Cybersecurity and Infrastructure Security Agency said that it was “taking action to understand and address the recent supply-chain ransomware attack”.

In the past, ransomware groups often demanded one bulk payment from a managed service provider instead of demanding payments from all its clients. But in this case, the REvil group has got into the systems of hundreds of managed service providers’ clients and is demanding payment from each one. “There’s no way the actors have the bandwidth to handle each individual case at the same time,” said Jake Williams, chief technology officer at BreachQuest.

In May, America’s Colonial Pipeline systems were breached in a ransomware attack, affecting the computer systems controlling the outflow. The company was forced to pay 75 Bitcoin or $4 million in ransom to get its systems up and running again. The government then promised to crack down strictly on such cyber hackers. At last month’s Geneva summit, President Joe Biden urged Russian President Vladimir Putin to rein in ransomware hackers.

Anna Domanska
Anna Domanska is an Industry Leaders Magazine author with wide-ranging knowledge of business news. She is an avid reader and writer of business and CEO magazines and a rigorous follower of business leaders.
