Between 800 and 1,500 businesses globally on Friday reportedly suffered from a ransomware attack centered on U.S. information technology firm – Kaseya.
The Florida-based company’s CEO, Fred Voccola, said on Monday during an interview that it was hard to estimate the precise impact of Friday’s attack because those hit were mainly Kaseya’s customers.
Kaseya is a company which provides software tools to IT outsourcing shops – companies that typically handle back-office work for companies too small or modestly resourced to have their own tech departments.
According to a news report by Reuters, one of those tools was subverted on Friday, allowing the hackers to paralyze hundreds of businesses on all five continents.
The news report indicated that although most of those affected have been small concerns – like dentists’ offices or accountants – the disruption has been felt more keenly in Sweden, where hundreds of supermarkets had to close because their cash registers were inoperative, and New Zealand, where schools and kindergartens were knocked offline.
The hackers who claimed responsibility for the breach have demanded $70 million to restore all the affected businesses’ data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters.
Reuters quoted a representative of the hackers as saying via a chat interface on the hackers’ website on Monday that “we are always ready to negotiate,”.
Kaseya’s CEO refused to say whether he was ready to take the hackers up on the offer.
“I can’t comment ‘yes,’ ‘no,’ or ‘maybe’,” Voccola said when asked whether his company would talk to or pay the hackers.
“No comment on anything to do with negotiating with terrorists in any way”, he said.
Recently, the issue of ransom payments has become increasingly fraught as ransomware attacks become increasingly disruptive – and lucrative.
Voccola said he had spoken to officials at the White House, the Federal Bureau of Investigation and the Department of Homeland Security about the breach but declined to say what they had told him about paying or negotiating.
The White House said on Sunday that it was checking to see whether there was any “national risk” posed by ransomware outbreak but Voccola said that so far, he was not aware of any nationally important organizations being hit.