At least 1,000 American companies, not 200 as was reported earlier, were hit by a new wave of cyberattacks just hours before the beginning of the July Fourth holiday weekend, researchers have said.
More than 1,000 businesses have already been impacted, and more are expected to be targeted, according to the cybersecurity firm Huntress Labs Inc, Bloomberg News reported on Saturday.
“Based on a combination of the service providers reaching out to us for assistance along with the comments we’re seeing in the thread we are tracking on our Reddit, it’s reasonable to think this could potentially be impacting thousands of small businesses,” according to John Hammond, a cybersecurity researcher at Huntress Labs.
Among the companies hit was Kaseya Ltd., a Miami-based developer of software for managed service providers, according to cybersecurity experts.
“What makes this attack stand out is the trickle-down effect, from the managed service provider to the small business,” Hammond said. “Kaseya handles large enterprise all the way to small businesses globally, so ultimately, it has the potential to spread to any size or scale business.”
Eric Goldstein, the executive assistant director for cybersecurity at the US Cybersecurity and Infrastructure Security Agency, said the agency is closely monitoring the alarming situation.
“We are working with Kaseya and coordinating with the FBI to conduct outreach to possibly impacted victims,” he said in a statement. “We encourage all who might be affected to employ the recommended mitigations and for users to follow Kaseya’s guidance to shut down VSA servers immediately. As always, we stand ready to assist any impacted entities.”
Earlier it was reported that some American companies were hit by the new ransomware attack, setting off alarm bells among US cybersecurity officials who have been increasingly rattled by a new wave of cyberattacks targeting broad sectors of the US economy.
The cyberattack, which is suspected to have been launched by the same group that hit meat supplier JBS Foods this spring, infiltrated a major software company called Kaseya and compromised hundreds of its IT management clients.
The cyberattackers, whom US cybersecurity experts said likely operated out of Russia, managed to smuggle ransomware onto the network platform of Kaseya, whose signature VSA software is widely used by IT management companies and other businesses around the world.
Kaseya said Friday evening that it had limited the attack to “a very small percentage of our customers.” Kaseya describes itself as a leading provider of IT and security management services to small and medium-sized businesses.
At least a dozen IT management firms that rely on VSA software have already been knocked out, leaving their corporate clients vulnerable.
In recent months, organizations that play critical roles across broad swaths of the US economy have been targeted by cyberattacks.
More recently, cybercriminals took down Colonial Pipeline in May and disrupted fuel shipments to gas stations all along the US east coast. About a month later, the cyberattack against JBS, the world’s largest meat processing company, prompted a temporary shutdown of all nine of its plants in the United States.