The Casey Group, which says it is “investigating the source of the problem,” has asked all clients running its software on campus to shut down its servers.
About 200 companies were targeted in a cyber-attack on Friday (July 2) by a company specializing in computer security Huntrus labs, with a demand for recovery via the management software of the American company Ghazia.
“We are exploring a possible attack on (software) VSA, which seems to be limited to a limited number of our on-site customers,” Casey said on his website, which has “cautiously” shut down some servers.
“200 companies are encrypted”
The U.S. Agency for Cyber Security and Infrastructure Security (CISA) said on its own website that it was taking action to “understand and resolve the latest ransomware attack” against Cassia’s VSA software and multiple service providers. IT management using this software.
He encourages companies to follow Ghazia’s advice, including “following their procedure for shutting down servers” related to software. According to Honduras Labs, the group “encrypted about 200 companies” without specifying the size or nature of the target companies.
Approval of the Kremlin
“Based on the computer models, ransomware specifications and TOR URL (web address used), we firmly believe that a hacker group called” Revel or Sodinokibi “is at the root of these intrusions,” said the Honduras Labs Reddit Forum.
The FBI led the group to a computer attack against the global meat company JBS in early June, which paralyzed its operations in North America and Australia for several days.
The United States has been plagued in recent months by waves of cyber attacks affecting large corporations and the oil pipeline operator colonial pipeline and local communities and hospitals. Many of these attacks were attributed to Russian-based hacker groups operating at least with the indirect consent of the Kremlin.