Russian hackers breach 200 businesses with ransomware

Russian hackers have hit at least 200 companies in one of the largest supply chain ransomware attacks to date, according to cyber security group Huntress Labs Inc.

The hackers breached the security of IT management software suppliers and managed to compromise the businesses that use their technology.

According to Huntress Labs, the perpetrator is REvil, the Russian group that recently hacked into beef supplier JBS’s computer systems.  

This is the latest example of hackers getting into IT supply chains in order to compromise a larger number of victims through their client list. In 2020, Russian state-backed hackers attacked the SolarWinds IT software group and gained access to the email networks of US federal agencies and corporations.

Kaseya, one of the affected IT service providers, estimates that around 40 of its 36,000 direct customers might have been affected by the attacks. It advised customers using the compromised “VSA server” tool, which provides remote monitoring and patching capabilities, to shut it down immediately. “We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it for our on-premises customers that will be tested thoroughly,” the company added.

Meanwhile, Huntress said that it was aware of at least eight compromised cloud service providers, resulting in around 200 businesses falling victim to the ransomware attacks. The attack could be much larger, as the total number of compromised cloud services clients has not been determined.

Two of the affected managed service providers are Synnex Corp. and Avtex LLC. Avtex president George Demou told Bloomberg News that “Hundreds of MSPs have been impacted by what appears to be a Global Supply Chain hack.” “We are working with those customers who have been impacted to help them recover,” he added.

Allan Liska of Recorded Future’s computer security incident response team said that small and medium businesses seek IT support from these service providers. The attacks highlight the risk of relying on third parties for system support.

“We’ve essentially handed over too much trust so that if something happens to them, it becomes a catastrophic event for your organisation through no fault of your own,” Liska said.

The Cybersecurity and Infrastructure Security Agency said that it was “taking action to understand and address the recent supply-chain ransomware attack”.

In the past, ransomware groups often demanded one bulk payment from a managed service provider instead of demanding payments from all its clients. But in this case, the REvil group has got into the systems of hundreds of managed service providers’ clients and is demanding payment from each one. “There’s no way the actors have the bandwidth to handle each individual case at the same time,” said Jake Williams, chief technology officer at BreachQuest.

In May, America’s Colonial Pipeline systems were breached in a ransomware attack, affecting the computer systems controlling the outflow. The company was forced to pay 75 Bitcoin, or $4 million, in ransom to get its systems up and running again. The government then promised to crack down strictly on such hackers. At last month’s Geneva summit, President Joe Biden urged Russian President Vladimir Putin to rein in ransomware hackers.

Anna Domanska
Anna Domanska is an Industry Leaders Magazine author with wide-ranging knowledge of business news. She is an avid reader and writer of business and CEO magazines and a rigorous follower of business leaders.
