New York: The FBI said on Sunday that the “scale” of a major ransomware attack against a US IT company may mean that investigators will not be able to deal with each victim individually.
On Friday, just before the long holiday weekend of July 4 in the United States, hackers attacked Kaseya, a company that provides IT services to other companies. The company launched a ransomware attack that could target as many as 1,000 other companies.
The FBI said it has launched an investigation with the Cybersecurity and Infrastructure Security Agency and other US federal agencies “to understand the scope of the threat.”
“If you believe your systems have been compromised, we encourage you to employ all recommended mitigations, follow Kaseya’s guidance to shut down your VSA servers immediately and report to the FBI,” the bureau said in a statement Sunday, referencing the signature networking software that was attacked.
“Although the scale of this incident may make it so that we are unable to respond to each victim individually, all information we receive will be useful in countering this threat,” the FBI statement said.
President Joe Biden said Saturday that he had ordered an investigation, in particular to find out whether the assault had come from Russia.
“We’re not sure yet,” he said Saturday.
Russian hackers have been accused of launching a series of ransomware attacks, and Biden recently raised this threat during a meeting with Russian President Putin.
Ransomware attacks usually involve the use of encryption technology to lock data in the system, allowing the company to pay to regain access.
Kaseya describes itself as a leading provider of IT and security management services for small and medium enterprises. VSA is designed to allow companies to manage computer and printer networks from a single point.
The company said in a new statement on Sunday that they are “working around the clock in all regions” to get their systems back up and running.
They said they hope to get a restricted version of their platform running again within a few days.
The interruption forced the Swedish supermarket chain Coop Sweden to close on Saturday because their cash register system was dismantled in the attack.
Several US companies, including the computer group SolarWinds and Colonial Oil Pipeline, have also recently been targeted by ransomware attacks.