seem Hackers launched a global ransomware attack, infecting more than 1,000 companies, and forcing the Swedish grocery chain Coop to close hundreds of stores.
In what appears to be one of the largest supply chain attacks to date, hackers have infiltrated Kaseya, a supplier of IT management software, in order to spread ransomware to managed service providers who use its technology, as well as to their customers.
Cybersecurity group Huntress Labs said it has identified 20 compromised managed service providers, with more than 1,000 of its customers falling victim to ransomware attacks.
Among the victims, Coop in Sweden said it closed all but five of its 800 stores after the attack caused its registration system to stop working.
The company said Coop was affected after managed service provider Vissma Escom was infected.
Read also: Amazon starts selling groceries online
Huntress Labs attributed the attacks to the Russia-linked REvil group, which the FBI has claimed was behind the latest attack against beef supplier JBS.
US President Joe Biden said he had ordered US government agencies to investigate who was behind them. “The initial thinking was that it wasn’t the Russian government, but we’re not sure yet,” he added.
This incident represents the most recent example of hackers penetrating the IT supply chain in order to attack victims on a large scale, by hacking only one provider.
Read also: Porn app that takes photos of users and demands ransom on Android
It emerged last year that Russian state-backed hackers had hacked the SolarWinds IT suite. This is in order to hack the email networks of US federal agencies and companies.
Kaseya said it was the victim of a sophisticated cyber attack and that about 40 of its 36,000 direct customers were affected.
Ransomware attacks threaten global companies
Kaseya urged those using the compromised VSA Server tool, which provides remote monitoring, to turn it off.
“We believe we have identified the source of the vulnerability and are working to develop a patch to mitigate the problem for our local customers,” the company added.
Also Read: 6 Steps to Countering Ransomware Cyber Attacks
The FBI said it was investigating the ransomware attacks. The office was working with Kaseya and the US Cyber and Infrastructure Security Agency to contact the victims.
This campaign is the latest in a series of ransomware attacks this year. Including an attack on the Colonial pipeline in America, which prompted the Biden administration to make pledges to crack down on the perpetrators.
At the Geneva summit last month, President Joe Biden urged Russian President Vladimir Putin to rein in ransomware hackers.