Information security | The widespread information security attack observed around the world has also hit Finland, says the Cybersecurity Center

In several In European countries and other parts of the world, a large-scale data security attack has been detected, which has affected thousands of different servers, says the Finnish Transport and Communications Agency’s Traficom cyber security center. Finnish servers have also come under attack.

“The attack used a vulnerability in the virtualization software of the software industry company VMware called ESXi, which was discovered as early as February 2021,” says the cyber security center’s information security expert Samuli Könönen in the interview.

According to Könenen, the goal of information security criminals has been to get into the servers and install a ransomware that demands a ransom in the form of cryptocurrency.

The vulnerability used in the attack has been patched with a software update since the beginning of 2021. If the update was made after this, there is no risk of being attacked.

“Criminals have now opportunistically searched for servers whose owners have not updated them for one reason or another,” says Könönen.

Cyber ​​Security Center is currently mapping possible servers located in Finland that have fallen victim to an attack. At the moment, the cyber security center has only become aware of individual cases.

Könönen emphasizes that the attack was not specifically targeted at Finland.

“We still do not have a more accurate estimate of how many Finnish servers have been attacked. However, it is a very small amount compared to the size of the entire attack.”

According to the news agency Reuters, servers in Europe, at least in Italy and France, have been targeted by the attack. Servers in the United States and Canada have also been targeted.

According to Könen, all users of VMware’s ESXi virtualization software should check when they last updated the software.

“If it hasn’t been updated since February 2021, it should be assumed that it has been hacked,” says Könönen.

Virtualization software allows multiple virtual servers to be hosted on a single physical server.

Italian news agency Ansa already reported on Sunday that several servers both in Italy and in other European countries and North America have been compromised. Ansa mentioned Finland, France, Canada and the United States.

According to Ansa, the attack was first noticed in France.

Thousands of servers around the world were hit by a “massive” ransomware attack, Italy’s national cyber security agency (ACN) said on Sunday.

A US cybersecurity official said after Italy’s announcement that it was investigating the scope and impact of a possible attack in the US.