The cyber attack on Kaseya, a Miami-based information technology firm, attacked IT structures vital to the world’s digital nerve system, the president of the federal office for information security (BSI) said on Monday (July 5).
BSI president Arne Schoenbohm expects more companies to be coming forward reporting breaches in their security systems. “Kaseya had many IT service providers as clients. Some have already reported (breaches), and I assume that there will be more in the course of today and in the course of this week. It is a dynamic situation of danger which is evolving here,” he told Reuters TV in an interview.
He said so far there were no information yet of “critical infrastructures” in Germany being affected. That showed that Germany cyber security law was a good protection against attacks.
Hackers suspected to be behind a mass extortion attack that affected hundreds of companies world-wide late on Sunday demanded $70 million to restore the data they are holding ransom, according to a posting on a dark web site.
The demand was posted on a blog typically used by the REvil cybercrime gang, a Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists.
The gang has an affiliate structure, occasionally making it difficult to determine who speaks on the hackers’ behalf, but Allan Liska of cybersecurity firm Recorded Future said the message “almost certainly” came from REvil’s core leadership.
REvil’s ransomware attack, which the group executed on Friday, was among the most dramatic in a series of increasingly attention-grabbing hacks.
The gang broke into Kaseya and used their access to breach some of its clients’ clients, setting off a chain reaction that quickly paralysed the computers of hundreds of firms world-wide.
(Production: Erol Dogrudogan, Ute Swart)