Hackers attacked thousands of computer systems in several major Western countries
Thousands of computer systems around the world have been attacked by ransomware that targets certain types of systems. This comes just days after a similar hack in the UK derivatives trading operator.
According to the cybersecurity agencies of France and Italy, their countries, as well as Canada and the United States, were among the victims. Officials in Italy are planning a meeting soon to assess the situation.
Malicious hackers exploit a vulnerability that has been known for two years. The French Computer Emergency Response Team said applying patches now would not be enough, as hackers could take advantage and "drop malicious code."
Ransomware is a type of malware that locks the victim's files, after which the hackers demand a fee to provide an encryption key. LockBit, the team behind last week's attack on ION Trading UK, said it received a ransom and unlocked the files. ION declined to comment on whether the ransom was actually paid.
It is unclear if any group has claimed responsibility for the latest attack. LockBit has been active since at least January 2020 and extorted at least $100 million, according to the US Department of Justice.
According to public reports, the latest attacks have targeted a specific vulnerability in some VMware ESXi hypervisors. This allows companies to host virtual machines and run multiple operating systems on a single server.
The vulnerabilities are two years old and should have been fixed by now, but it is clear that many servers are still not protected
said Stefano Zanero, professor of cybersecurity at the Politecnico di Milano in Italy.
Following a ransomware attack on ION Trading last week, the company issued a statement stating that a cyber incident with VMware servers was the cause of the problem.
Information