Login

Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Up to 1,500 businesses affected by ransomware attack: CEO

Reprints
Cyber Risks Emerging Risks Risk Management More + Less -
Kaseya

(Reuters) — Between 800 and 1,500 businesses around the world have been affected by a ransomware attack centered on U.S. information technology company Kaseya, its CEO said Monday.

Fred Voccola, the Florida-based company's CEO, said in an interview that it was hard to estimate the precise impact of Friday's attack because those hit were mainly customers of Kaseya's customers.

Kaseya is a company that provides software tools to IT outsourcing shops: companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments.

One of those tools was subverted on Friday, allowing the hackers to paralyze hundreds of businesses on all five continents. Although most of those affected have been small concerns — like dentists' offices or accountants — the disruption has been felt more keenly in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, or New Zealand, where schools and kindergartens were knocked offline.

The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters.

“We are always ready to negotiate,” a representative of the hackers told Reuters earlier Monday. The representative, who spoke via a chat interface on the hackers' website, didn’t provide their name.

Mr. Voccola refused to say whether he was ready to take the hackers up on the offer.

“I can't comment 'yes,' 'no,' or 'maybe',” he said when asked whether his company would talk to or pay the hackers. “No comment on anything to do with negotiating with terrorists in any way.”

The topic of ransom payments has become increasingly fraught as ransomware attacks become increasingly disruptive — and lucrative.

Mr. Voccola said he had spoken to officials at the White House, the Federal Bureau of Investigation and the Department of Homeland Security about the breach but declined to say what they had told him about paying or negotiating.

On Sunday the White House said it was checking to see whether there was any "national risk" posed by the ransomware outbreak but Mr. Voccola said that — so far — he was not aware of any nationally important organizations being hit.

“We're not looking at massive critical infrastructure,” he said. “That's not our business. We're not running AT&T's network or Verizon's 911 system. Nothing like that.”

 

 

 

Most Read in Risk Management

Sign up for Daily Briefing, the free email newsletter from Business Insurance.

About

Advertise

Reprints and Licensing

Resources

. Privacy PolicyTerms of Use

COPYRIGHT © 2024 BUSINESS INSURANCE HOLDINGS

Member, Beacon International Group, Ltd.