A major cyberattack has potentially hit more than 1,000 companies worldwide, forcing a Swedish supermarket chain to shut hundreds of stores.
Hackers are demanding $70 million in bitcoin in exchange for data stolen in the ransomware attack against Miami-based IT company Kaseya.
But what exactly is a ransomware attack, and who is behind this one? Here are some key questions about the attack, which has paralysed businesses since Friday.
How bad is it?
The full scale of this attack remains unclear. Kaseya initially said Friday that it believed only around 40 of its customers had been affected.
But Huntress Labs, a cybersecurity firm working with partners targeted in the attack, has said it believes more than 1,000 companies may have been hit.
Not all of them are Kaseya customers. Swedish supermarket chain Coop, which was forced to close hundreds of stores after the hack pushed its checkouts offline, was affected because its IT subcontractor is linked to Kaseya.
Hackers claiming responsibility for the attack on Happy Blog, a site on the dark web associated with Russian-speaking group REvil, claimed they had infected "more than a million systems".
Why attack Kaseya?
French cybersecurity expert Loic Guezo said that targeting Kaseya, which provides IT solutions for some 40,000 small and medium-sized businesses worldwide, allowed the hackers to strike a huge number of victims with a single blow.
"It's using software that is used by many businesses in order to penetrate their networks," he explained, drawing a parallel with the spectacular attack against software firm SolarWinds last year.
What's a ransomware attack?
Ransomware attacks typically involve locking away companies' or individuals' data using encryption, then making them pay to regain access.
Such digital hostage-taking is increasingly common. Last year alone, at least $18 billion was sent to hackers using ransomware, according to security firm Emsisoft.
Payments are usually demanded in bitcoin, since the cryptocurrency helps perpetrators stay anonymous.
The United States has found itself a particular target of such attacks in recent months, with SolarWinds and the Colonial oil pipeline among high-profile victims.
The FBI has blamed those attacks on Russia-based hackers, and US President Joe Biden raised the issue with his counterpart Vladimir Putin at their summit last month.
Moscow, suspected of turning a blind eye to the hackers or even encouraging them, denies any involvement.
Who's behind the Kaseya attack?
Numerous experts have pointed the finger at a Russian-speaking hacking group known as REvil.
The demand for $70 million was posted on Happy Blog, a site on the dark web previously associated with REvil, who are also known as Sodinokibi.
The FBI believes REvil were also behind last month's attack on global meat processing giant JBS, which ended with the Brazil-based company paying bitcoin worth $11 million to the hackers.
REvil, who first emerged around 2019, work as part of a collective, sometimes sharing both their ransomware and their loot with other hackers who take part in the same attack.
They are seen as among the most dangerous ransomware attackers out there, carrying out around 29 percent of such attacks in 2020, according to a recent report by IBM's Security X-Force unit.
That report estimated that REvil took ransoms worth at least $123 million in 2020.
ALSO READ - Up to 1,500 businesses affected by ransomware attack, US firm's CEO says
ETX Studio
Tue Jul 06 2021
What exactly is a ransomware attack? ETXStudiopic
Clarification on the investment in Sapura Energy by MDH
Permodalan Nasional Berhad (PNB) as the existing significant shareholder of SEB.
Floods recede in Beaufort, but residents remain wary of downstream water flow
While floods in Beaufort are receding, residents remain on alert for downstream water flow that could bring floodwaters from inland areas.
Govt to ensure establishment of SEGiM aligns with introduction of Gig Workers Bill
The government intends to ensure that the establishment of the Malaysian Gig Economy Commission (SEGiM) is in line with the introduction of the Gig Workers Bill.
UK steel industry warns of damage as Trump tariffs come into force
US President Donald Trump's tariffs on UK steel "couldn't come at a worse time," the industry has warned as the levy on US imports is introduced, reported PA Media/dpa news.
Penang allocates RM49.45 million for Phase 1 of i-Sejahtera Programme
The Penang government has allocated RM49.45 million for 274,151 recipients under Phase 1 of the i-Sejahtera Programme this year.
PM Anwar calls on all parties to be agents of unity, help unite people of different races
Prime Minister Datuk Seri Anwar Ibrahim has called on all Malaysians to join hands to become agents of unity and assist the MADANI Government in its efforts to unite all Malaysians
Women representation in senior management fall to 36.2 pct in 2025
The Grant Thornton Women in Business Report reveals a concerning decline in the representation of women in senior management positions in Malaysia.
Singapore Airlines prohibits usage, charging of power banks from April 1
Singapore Airlines (SIA) passengers will not be allowed to use power banks or charge them throughout their flight effective April 1.
Captain of cargo ship arrested over fatal collision in North Sea
The cargo ship captain involved in the North Sea's deadly collision has been arrested on suspicion of gross negligence manslaughter.
No plans to follow us in repatriating illegal immigrants - KDN
For the period up to March 9 this year, the total number of deportations from Immigration depots was 9,199 people.
Air pollution responsible for nearly 7 million deaths annually worldwide
A report by the World Air Quality Index indicated that only 17 per cent of cities worldwide meet the recommended air quality standards.
At least 137 Gazans killed in Israeli attacks since ceasefire
According to the Euro-Mediterranean Human Rights Monitor , Israel has been killing an average of seven Palestinians every two days.
Malaysia strengthens semiconductor supply chain with ASEAN member countries - Liew
Malaysia does not intend to compete with neighbouring countries or other ASEAN member states in its efforts to strengthen supply chains.
Six men arrested for alleged misappropriation of subsidised cooking oil in Semenyih
Six men, including five foreigners in their 30s, were arrested for alleged misappropriation of subsidised cooking oil.
Hamas says new round of Gaza ceasefire talks has begun
expressing optimism that the talks could lead to "tangible progress"
Ukraine says ready to accept 30-day ceasefire with Russia
Ukraine conveyed its readiness to accept a 30-day ceasefire with Russia, as delegations from Kyiv and Washington met in Saudi Arabia.
Musk's SpaceX agrees Starlink cooperation with Airtel in India
Tech billionaire Elon Musk plans to enter the Indian internet market with his Starlink satellite system, reported German news agency dpa.
Trump announces higher steel and aluminium tariffs for Canada
US President Donald Trump plans to impose additional high tariffs on steel and aluminium imports from Canada.
![[COLUMNIST] The futility of resisting English: A barrier to national progress](https://resizer-awani.eco.astro.com.my/tr:w-177,h-100,q-100,f-auto/https://img.astroawani.com/2025-03/81741686561_EMIR.jpg "[COLUMNIST] The futility of resisting English: A barrier to national progress")
[COLUMNIST] The futility of resisting English: A barrier to national progress
Promoting Malay language doesn't mean disparaging or undermining other languages, we can uplift it without diminishing others.
What is driving the bloodshed in Syria?
The violence has pitted the Islamist-led government's security forces against fighters from Assad's Alawite minority.