Ransomware hits hundreds of US companies, security firm says

Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. (Shutterstock)
Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. (Shutterstock)
Short Url
Updated 03 July 2021

Ransomware hits hundreds of US companies, security firm says

Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. (Shutterstock)
  • The federal Cybersecurity and Infrastructure Security Agency said in a statement late Friday that it is closely monitoring the situation and working with the FBI to collect more information about its impact

WASHINGTON: A ransomware attack paralyzed the networks of at least 200 US companies on Friday, according to a cybersecurity researcher whose company was responding to the incident.
The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of the security firm Huntress Labs. He said the criminals targeted a software supplier called Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers. Other researchers agreed with Hammond’s assessment.
“Kaseya handles large enterprise all the way to small businesses globally, so ultimately, (this) has the potential to spread to any size or scale business,” Hammond said in a direct message on Twitter. “This is a colossal and devastating supply chain attack.”
Such cyberattacks typically infiltrate widely used software and spread malware as it updates automatically.
It was not immediately clear how many Kaseya customers might be affected or who they might be. Kaseya urged customers in a statement on its website to immediately shut down servers running the affected software. It said the attack was limited to a “small number” of its customers.
Brett Callow, a ransomware expert at the cybersecurity firm Emsisoft, said he was unaware of any previous ransomware supply-chain attack on this scale. There have been others, but they were fairly minor, he said.
“This is SolarWinds with ransomware,” he said. He was referring to a Russian cyberespionage hacking campaign discovered in December that spread by infecting network management software to infiltrate US federal agencies and scores of corporations.
Cybersecurity researcher Jake Williams, president of Rendition Infosec, said he was already working with six companies hit by the ransomware. It’s no accident that this happened before the Fourth of July weekend, when IT staffing is generally thin, he added.
“There’s zero doubt in my mind that the timing here was intentional,” he said.
Hammond of Huntress said he was aware of four managed-services providers — companies that host IT infrastructure for multiple customers — being hit by the ransomware, which encrypts networks until the victims pay off attackers. He said thousand of computers were hit.
“We currently have three Huntress partners who are impacted with roughly 200 businesses that have been encrypted,” Hammond said.
Hammond wrote on Twitter: “Based on everything we are seeing right now, we strongly believe this (is) REvil/Sodinikibi.” The FBI linked the same ransomware provider to a May attack on JBS SA, a major global meat processer.
The federal Cybersecurity and Infrastructure Security Agency said in a statement late Friday that it is closely monitoring the situation and working with the FBI to collect more information about its impact.
CISA urged anyone who might be affected to “follow Kaseya’s guidance to shut down VSA servers immediately.” Kaseya runs what’s called a virtual system administrator, or VSA, that’s used to remotely manage and monitor a customer’s network.
The privately held Kaseya says it is based in Dublin, Ireland, with a US headquarters in Miami. The Miami Herald recently described it as “one of Miami’s oldest tech companies” in a report about its plans to hire as many as 500 workers by 2022 to staff a recently acquired cybersecurity platform.


TASI bounces back after heavy losses: Closing bell

TASI bounces back after heavy losses: Closing bell
Updated 11 sec ago

TASI bounces back after heavy losses: Closing bell

TASI bounces back after heavy losses: Closing bell

RIYADH: Saudi stocks gained in the first trading session of the week, rebounding slightly following steep declines, despite fears about upcoming rate hikes and a recession.

The main index, TASI, gained 1.79 percent to close at 11,513, while the parallel market, Nomu, shed 0.85 percent to 20,681.

Saudi Arabia Refineries Co. and National Gypsum Co. both surged 10 percent to lead the gainers, followed by Saudi Advanced Industries Co. with a 9.98 percent gain.

Dar Al Arkan Real Estate Development Co. led the decliners with a 6.20 percent decline, followed by Taleem REIT Fund with a 1.86 percent fall.

Saudi Aramco, the largest player on the Saudi oil market, ended today’s trading up 1.21 percent.

In the financial sector, the Kingdom’s largest valued bank Al Rajhi rose 1.93 percent, while Alinma Bank added 3.83 percent.

In the pharma sector, Aldawaa Medical Services Co. improved 2.60 percent, while Nahdi Medical Co. gained 1.04 percent.

Both telecom giants stc and Zain KSA climbed 2.06 percent and 6.08 percent, respectively.

Methanol Chemicals Co. increased 1.93 percent, after reporting that it would pay SR273 million ($73 million) as an early loan payment to SIDF and lenders.

Middle East Healthcare Co. rose 1.70 percent, after reporting that it has opened a Saudi German clinic complex in the Al Samer District of Abha city, accommodating 30 clinics.

Due to tight supply, oil prices on Friday rose to $113.12 a barrel for Brent crude and $107.62 a barrel for West Texas Intermediate crude.

 


China In-Focus — China approves ICBC-Goldman JV; New rules to regulate private pension investment via mutual funds

China In-Focus — China approves ICBC-Goldman JV; New rules to regulate private pension investment via mutual funds
Updated 26 June 2022

China In-Focus — China approves ICBC-Goldman JV; New rules to regulate private pension investment via mutual funds

China In-Focus — China approves ICBC-Goldman JV; New rules to regulate private pension investment via mutual funds

RIYADH: Industrial and Commercial Bank of China, also known as ICBC, said on Friday its wealth management joint venture with Goldman Sachs Group Inc. had received the country’s banking regulator’s approval to begin operations.

The China Banking and Insurance Regulatory Commission’s nod comes as the world’s second-largest economy opens up its giant financial sector to investments from foreign players, allowing them to collaborate with domestic banks.

Goldman Sachs ICBC Wealth Management, set up in May last year with a 51 percent funding contribution from US banking giant Goldman and 49 percent by ICBC, will now offer a broad range of investment products to the Chinese market over time, including quantitative investment strategies.

ICBC will “push forward” the joint venture to execute all the relevant procedures “in strict compliance with laws, regulations and regulatory requirements,” China’s biggest bank said in a statement.

Regulate private pension investment via mutual funds

China’s securities regulator proposed rules to regulate private pension investment via mutual funds, setting the criteria for qualified products and sales agents under a scheme that will channel fresh savings into the country’s capital markets.

The draft rules, published by the China Securities Regulatory Commission (CSRC) late on Friday, came after Beijing in April launched a milestone private pension scheme to tackle the challenges of the aging population.

Under the scheme, eligible Chinese citizens can buy mutual funds, savings deposits and insurance products via their own individual pension accounts, potentially boosting a pension market that has lured foreign asset managers including Fidelity International and BlackRock.

The proposed rules “have set a relatively high bar for products and institutions, and are designed to ensure safety of pension fund investment and protect investors’ interest,” the CSRC said in a statement on its website.

Initially, pension target funds with at least 50 million yuan ($7.48 million) of assets over the past four quarters are eligible under the pilot pension scheme, the CSRC said.

Senators seek update on US security review of TikTok

A group of six Republican senators on Friday asked US Treasury Secretary Janet Yellen about an ongoing Biden administration national security review of the social media platform TikTok.

The US government’s Committee on Foreign Investment in the US, which reviews deals by foreign acquirers for potential national security risks, in 2020 ordered Chinese parent company ByteDance to divest TikTok because of fears that US user data could be passed on to China’s communist government.

Last week, TikTok said it has completed migrating information on its US users to servers at Oracle Corp., as it seeks to address US concerns over data integrity.

Senators Tom Cotton, Ben Sasse, Mike Braun, Marco Rubio, Todd Young and Roger Wicker asked Yellen numerous questions saying the administration “has seemingly done nothing to enforce” the August 2020 divestiture order.” They noted, “the results of the security reviews, likewise, have not been publicly released after one year.”

The senators want to know “will TikTok be locally managed in the United States?” and “Will the US government have the ability to routinely access and inspect the algorithm’s source code?” It also asks “what assurances does the US government have that TikTok will store US data and adopt privacy policies with adequate protections?” 

(With input from Reuters)


Saudi Venture Capital invests in first venture debt fund to support SMEs 

Saudi Venture Capital invests in first venture debt fund to support SMEs 
Updated 26 June 2022

Saudi Venture Capital invests in first venture debt fund to support SMEs 

Saudi Venture Capital invests in first venture debt fund to support SMEs 

RIYADH: Saudi Venture Investment Co. has invested in a global specialty lending fund that focuses on offering venture debt instruments to high-growth startups, small and medium enterprises in sectors, such as technology, fintech, healthcare and life sciences. 

The first venture debt fund that SVC is investing is managed by Partners for Growth, a California-based firm that provides venture and growth stage debt instruments to startups and SMEs, according to a statement. 

“The investment in the venture debt fund by PFG is part of SVC’s Investment in Funds Program, and is to implement SVC’s latest strategy related to the launch of the ‘Investment in Venture Debt Funds’ product in order to fill the financing gaps in the venture capital ecosystem,” CEO said. 

“Venture debt funds provide financing solutions to high-growth startups and SMEs to prevent equity dilution for founders and existing investors and allow startups and SMEs to achieve greater progress during their growth journey,” Nabeel Koshak added. 

Established in 2018 by Monshaat as part of the Financial Sector Development Program, SVC is a government venture capital that contributes to the development of the VC ecosystem. 


Air Arabia adds 14 new shuttle flights for World Cup fans

Air Arabia adds 14 new shuttle flights for World Cup fans
Updated 26 June 2022

Air Arabia adds 14 new shuttle flights for World Cup fans

Air Arabia adds 14 new shuttle flights for World Cup fans

RIYADH: Air Arabia, a low-cost airline based in the UAE, has announced 14 daily shuttle flights from Sharjah International Airport to Hamad International Airport in Doha, Qatar starting from Nov. 21 until Dec. 18 to cater to visitors to the FIFA World Cup.

These shuttle flights are meant only for world cup ticket holders and will operate in conjunction with Air Arabia’s three daily scheduled flights to Doha, Zawya reported. 

“We are pleased to announce Air Arabia’s shuttle flights between Sharjah and Doha during the FIFA World Cup 2022, which will provide fans with easy, reliable, and timely access in and out of Doha to enjoy the matches and return right after,” Adel Al-Ali, CEO of Air Arabia said. 

The airline stated that passengers will be allowed 10 kg of hand luggage. 

 


Egypt launches digital platform for petroleum products

Egypt launches digital platform for petroleum products
Updated 26 June 2022

Egypt launches digital platform for petroleum products

Egypt launches digital platform for petroleum products

RIYADH: Egypt has launched a digital platform for petroleum products and natural gas, as the country moves ahead on the path toward digital transformation, Daily News Egypt reported. 

Announcing the launch of the initiative, Tarek El Molla, minister of petroleum and mineral resources, said the new digital services will provide an integrated system to manage and follow up on the supply of fuel to cars using a smart card instead of paper coupons. 

He said the new digital service platform will ensure secure transportation and circulation of petroleum products, which will preserve the rights of the contracting parties, through data that can be accessed through the smart card. 

El Molla further noted that cashout services will be available in gas stations, and the public can withdraw cash from gas stations using their bank cards. 

The minister revealed that withdrawal services are now made available at 400 petrol stations in the country.