Is Major Oz Retailer Caught Up In $92M Ransom Hack Attack?
The Australian Federal Government’s Cyber Security Organization is helping several Australian firms including a major retailer who have fallen victims of a Kaseya ransomware attack, the biggest global ransomware attack on record, with the hackers now asking for A$92 in bitcoin.
The ACSC said that as of 5 July 2021, the ACSC has received reporting of this incident impacting Australian organisations and are working with victims to assist and to better understand the extent of impact.
They claim that they are currently working with the FBI to provided updated guidance and mitigation advice.
Part of the Australian Governments intelligence agency, the ASC said that while this activity is under investigation, early reporting indicates that a supply-chain attack has enabled the REvil group to eya VSA with the intent of encrypting and ransoming data held on victim networks.
“There is a lot of chatter among incident responders in Australia that there are impacted businesses here,” said the managing director of digital forensics and incident response at Ankura, Josh Lemon.
ChannelNews has been told that a major retailer has been affected by the attack.
Currently Kaseya have identified a vulnerability in their software and are developing a patch in addition to releasing a compromise detection tool.
The ACSC recommends Australian organisations follow the advice provided by Kaseya and CISA-FBI which is to immediately shutdown Kaseya servers until further notice in addition to implementing Multi-Factor Authentication (MFA) and ensuring service accounts run with minimal appropriate privileges.
Hackers demanding US$70 million ($92M) in bitcoin in exchange for data stolen during the attack that has shuttered hundreds of Swedish supermarkets.
Researchers believe more than 1,000 companies several in Australia have been affected by the attack on US based firm Kaseya, which provides IT services to some 40,000 businesses around the world.
The FBI warned Sunday that the scale of the “ransomware” attack — a form of digital hostage-taking where hackers encrypt victims’ data and then demand money for restored access — is so large that it may be “unable to respond to each victim individually”.
“It’s probably the biggest ransomware attack of all time,” said Ciaran Martin, cybersecurity professor at the University of Oxford.