The headquarters of information technology firm Kaseya in Miami that has been hit by hacking. Photo: Reuters Expand

Close

The headquarters of information technology firm Kaseya in Miami that has been hit by hacking. Photo: Reuters

The headquarters of information technology firm Kaseya in Miami that has been hit by hacking. Photo: Reuters

The headquarters of information technology firm Kaseya in Miami that has been hit by hacking. Photo: Reuters

Raphael Satter and Andrea Shalal

The Kaseya ransomware attack has only inflicted "minimal damage” according to US president, Joe Biden.

Last Friday's ransomware attack scrambled the data of hundreds of small businesses worldwide. REvil, a prolific, Russia-linked cybercrime syndicate, took credit for the breach.

In Sweden, many of the 800 grocery stores run by the Coop chain are still in the process of recovering from the attack, which knocked out most of its supermarkets, though a spokesman told Reuters "we have more open stores than closed ones now."

In New Zealand, 11 schools and several kindergartens were affected.

Germany's cybersecurity watchdog, BSI, said on Tuesday that it was aware of three IT service providers in Germany that were affected, with a spokesperson estimating that several hundred companies were touched overall.

"In Germany there are no cases as prominent as the one in Sweden," the spokesperson added.

The hackers who claimed responsibility for the breach have demanded $70m (€59m) to restore all the affected businesses' data, although they have indicated a willingness to temper their demands in private conversations with a cybersecurity expert and with Reuters.

Kaseya's CEO told Reuters he would not reveal whether his company planned to pay the ransom or not, or even whether it was negotiating with REvil.

Business Newsletter

Read the leading stories from the world of business.

This field is required

Read More

The attack was another illustration of how cybercriminals believed to be operating from Russia are running amok in western countries.

The recent cyberattack on the HSE, which is set to cost over €100m in total, is believed to have come from within Russia.

President Biden has sought to push Putin to bring Russian cybercriminals to heel, so far to little visible effect.

Last month REvil extorted an $11m ransom out of the US meatpacker JBS after snarling its supply chain.

In May, an intrusion by another Russia-linked group at major US fuel transporter Colonial Pipeline led to panic buying, price spikes and gasoline shortages up and down the East Coast.

"If the Russian government cannot or will not take action against criminal actors residing in Russia, we will take action, or reserve the right to take action, on our own," said White House spokeswoman Jen Psaki.

The hack that struck Kaseya's clients, mainly back office IT companies did not have the same kind of impact in the United States as the ransoming of Colonial Pipeline.