New ransomware attack may affect ‘1,500 businesses worldwide’

The Chief Executive Officer of Kaseya, a U.S.-based information technology firm, Fred Voccola, has said between 800 to 1,500 businesses around the world may have been affected by a ransomware attack on the company last Friday.

Mr Voccola made the disclosure during an interview on Monday, stating that it was hard to estimate the precise impact of the attack because those hit were mainly clients of Kaseya’s customers, Al-Jazeera reported.

Kaseya is a company that provides software tools to IT outsourcing shops that typically handle back-office work for companies too small or modestly resourced to have their own tech departments.

However, one of these tools was subverted on Friday, giving room for hackers to paralyze hundreds of businesses on five continents.

Most of those affected are small concerns like dentists’ offices and accountants.

The disruption has been felt more in Sweden and New Zealand, with hundreds of supermarkets reportedly shut down due to inoperative cash registers, while schools were knocked offline.

Hackers who claimed responsibility for the breach are demanding $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and Reuters.

“We are always ready to negotiate,” a representative of the hackers who spoke via a chat interface but did not provide their names was quoted to have told Reuters earlier Monday.

Also, Mr Voccola refused to admit whether he will yield to the hackers demand or not during the interview.

“I can’t comment ‘yes’, ‘no’, or ‘maybe’, no comment on anything to do with negotiating with terrorists in any way,” Mr Voccola was quoted to have said when asked whether his company would talk to or pay the hackers.

The topic of ransom payments has become increasingly disturbing as ransomware attacks have been more disruptive and somewhat lucrative among perpetrators.

Mr Voccola said he had spoken to officials at the White House, the Federal Bureau of Investigation (FBI) and the Department of Homeland Security about the breach, but he did not specify whether they had asked him to pay or negotiate with the hackers.

Meanwhile, as of Sunday, the White House said it was checking to see whether there was any “national risk” posed by the ransomware outbreak, but Mr Voccola explained that so far he is not certain of any nationally important organisations being hit.

“We’re not looking at massive critical infrastructure,” he was quoted have said, adding “That’s not our business. We’re not running AT&T’s network or Verizon’s 911 system. Nothing like that.”

While this subsist, some information security professionals have speculated that the hackers might have been monitoring the company’s communications from the inside.

A claim Mr Voccola debunked, he said; “We don’t believe that they were in our network,” and that the details of the breach would be made public “once it’s ‘safe’ and OK to do that”.

Some experts also believe that the full fallout from the hack will come into focus on Tuesday, when Americans must have returned from their July fourth holiday weekend.