The hack is the latest and most dramatic in a series of high-profile ransomware attacks this year, exposing the pandemic-style threat that this type of cybercrime poses to companies and governments around the world.
Iran Press/America: Hundreds of companies were directly hit by the supply-chain attack on Kesaya's VSA software, which provides IT services to small and medium-sized businesses, according to CNET. At least 36,000 companies were indirectly impacted.
The Coop, one of Sweden's largest grocery chains, had to close 800 of its stores, according to the New York Times.
Kaseya said in a Sunday night update that its executive committee will meet Monday morning "with a goal of starting the restoration process to bring our data centers online by end of the day on July 5," though it cautioned that this timeline could change.
"This is without a doubt going to turn out to be the biggest most destructive ransomware campaign that we’ve seen so far," tweeted Dmitri Alperovitch, co-founder and former chief technology officer of cybersecurity firm Crowdstrike.
The $70 million ransomware demand was posted to a dark-web blog typically used by REvil, the Russia-linked cybercrime gang behind the attack that crippled the US operations of meat processor JBS.
The White House said in a statement Sunday that President Biden has "directed the full resources of the government to investigate this incident," and urged businesses to adopt recommendations released last month to shore up their cyber defenses.
The FBI asked businesses to report whether their systems have been compromised, but cautioned that it may not be able to respond to each victim individually "[d]ue to the potential scale of this incident."
211