SoylentNews is people

Breaking News
posted by janrinok on Saturday July 03 2021, @10:55AM

About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.

Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

Kaseya said in a statement on its own website that it was investigating a "potential attack".

Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.

The US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack.

The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.

The two big things that are keeping cyber-security professionals up at night lately are ransomware attacks and supply chain attacks. This latest incident combines both nightmares into one big Independence Holiday weekend-ruining event for hundreds of US IT teams.

Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless but it can take a lot of time and effort on the criminals' part to successfully hijack one victim's computer system.

  • (Score: 0) by Anonymous Coward on Saturday July 03 2021, @04:01PM (#1152594)

    Replace this with something other than Windows, and you still have the same problem.

    In case of one single something, sure; Android is enough of demonstrable proof. A forced monoculture is the problem, it does not matter who is forcing what.

    Customizable systems, and making use of that customization, is the solution. When you have a dozen Linux distros, each with several supported versions, with final users (IT dept) recompiling the kernel and some other things and uninstalling other things, to match the setup to their actual needs - a nice zero-day exploit for some version range of SHITTTP protocol handler suddenly becomes usable only on the tiny minority of systems, those that actually are using SHITTTP + have an exploitable version installed.

    That setup would not much help clueless end users with no one to do their customization for them, but even then, "some version of some distro" is a much smaller target than "same install and patch of same Windows". As demonstrably proven with Android exploits.