The attack by the group known as REvil was focused on Kaseya VSA, a United States software company used by hundreds of tech-service providers and large companies.
Kaseya said on Friday, July 2 that it's investigating what a cybersecurity expert said is a ransomware attack similar to the previous one attributed to the Russian hackers.
The company said it shut down some of its servers and urged customers to immediately shut down servers running the affected software detailed in a statement.
“It's critical that you do this immediately because one of the first things the attacker does is shut off administrative access to the VSA,” Kaseya said in the statement.
The hackers forced meat supplier JBS to make an $11 million payment after a ransomware attack in late May.
The Cybersecurity and Infrastructure Security Agency said it "is taking action to understand and address the supply-chain ransomware attack against Kaseya VSA and the multiple MSPs that employ VSA software."
In an advisory on Thursday, July 1, the CISA warned system administrators that "exploitation is almost certainly ongoing. Targets have been global, but primarily focused on the United States and Europe."
Ransomware is a type of malicious software (malware) that blocks access to data or a computer system by encrypting it until the victims pay off the attackers.
Click here to follow Daily Voice Pound Ridge and receive free news updates.