The Italian government reported thousands of exposed computer systems worldwide due to a ransomware attack on VMware ESXi servers, just days after a United Kingdom derivates trading operator experienced a similar hack.

Florida Attorney General Opens New CyberCrime Unit Office
(Photo : Joe Raedle/Getty Images)
FORT LAUDERDALE, FL - MARCH 07: Lt. Mike Baute from Florida's Child Predator CyberCrime Unit talks with a man on instant messenger during the unveiling of a new CyberCrimes office March 7, 2008 in Fort Lauderdale, Florida. The person on the other side of the chat told Lt. Baute, who is saying he is a 14-year-old girl, that he is a 31-year-old male and sent him a photograph of himself. 

Ransomware Attack

Italy's National Cybersecurity Agency (ACN) revealed thousands of computer servers were exposed to a ransomware attack, after targeting VMware servers. This affected countries like Italy, France, Finland, Canada, and the United States. 

As per Bloomberg's report, the agency will have a meeting with top officials on Monday to assess the attack and what will they do next to prevent this situation. Italian authorities then warned organizations to take action to protect their systems, as they were likely to have been affected by this situation.

Politecnico di Milano Cybersecurity Full Professor Stefano Zanero stated that this vulnerability is being targeted for the past two years, which is very surprising as other servers are still unsecured even now.

According to ACN, this was already resolved in the past. However, the agency found out that the server was still not fully fixed, causing the attackers to access the server.

Meanwhile, US Cybersecurity and Infrastructure Security Agency stated that they were assessing the impact of the reported incidents. CISA is currently working with public and private authorities as they evaluate this matter to provide needed aid in order to prevent the same situation in the future. 

Politico reported that France was the first country to detect the attack. The cybersecurity agency of the country ANSSI released an alert on Friday to warn organizations to patch the vulnerability.

Also Read: Medibank Warns its Clients of Hackers Who Started Leaking Stolen Confidential Data

VMware's Response

A spokesperson from VMware stated the company is aware of these incidents and already issued patches for the vulnerability that has been active for the past two years. South China Morning Post reported that customers who run ESXi versions that are impacted by CVE-2021-21975, and customers who are still not applying the patch should do it as soon as they can 

VMware stated that applying patches is security hygiene and is the key to preventing future potential attacks. 

UK's Recent Attacks

A ransomware attack is a malware type that locks up files, following the hackers' demand of payment to provide an encryption key. Just last week, Lockbit attacked ION Trading United Kingdom, which overturned derivatives trading. 

While ION declined to comment on whether a ransom was paid, LockBit stated that they received a ransom and unlocked those files immediately. According to the United States Justice Department, Lockbit has been active since January 2020, with a total of $100 million in extorted ransom demands.

Related Article: LockBit Ransomware Gang Offers Decryptor to SickKids Hospital, Apologizes After Wrongful Attack

Written by Inno Flores

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion