A group of cybercriminals would have violated last week the providers and computer services of the Republican National Committee (RNC) of the United States, a situation that for the moment was not confirmed by the party.
“Microsoft informed us that one of our vendors, Synnex, may have been exposed,” said recently an RNC source, Mike Reed, who in turn noted that “there was no indication” that their systems were hacked or they have been victims of information theft.
“We are investigating the matter and we have informed the DHS (Department of Homeland Security) and the FBI,” he acknowledged.
According to the US agency, these hackers are part of a group known as APT 29 or Cozy Bear, which he links to the Russian intelligence service.
Donald Trump with Reince Priebus, chairman of the Republican National Committee, on victory night in New York. Photo: AFP.
These cybercriminals were also involved behind a similar case in 2016 that would have affected the Democratic National Committee and the cyberattack that became known in December of last year and for which nine government agencies of the United States would have been affected.
Meanwhile, another RNC source once again ruled out that their systems had been attacked and referred to previous statements on this issue.
However, the provider that would have been affected, Synnex, explained in a statement that it “is aware” that “some external actors have tried to gain access to their clients’ applications. using the Microsoft cloud“.
“As our investigation continues, we are unable to provide concrete details. … As with any security issue, a full review of all companies, systems, and applications, before a final decision can be made, “explained Michael Urban, one of Synnex’s senior managers.
Kaseya is still struggling
The US company, victim of a cyberattack that may have affected some 1,500 companies around the world, continued with attempts to restart its servers, after admitting new technical problems that delay the work.
Kaseya It said in a statement that while working to reactivate its software, “a problem was discovered that blocked the broadcast.”
The Miami-based tech firm again postponed the restart your servers, which was estimated for Tuesday night after a previous suspension.
The Kaseya company was still unable to recover from the REvil group cyberattack. Photo: REUTERS.
“Unfortunately the deployment of the VSA Saas will not be completed on the previously reported schedule,” said the latest statement, which promises a new update at 9am on Wednesday in Argentina.
Previously, Kaseya had asked her clients to leave turned off their computer systems until the company guarantees your safety.
The firm, which provides IT services to some 40,000 companies in twenty countries, indicated that only 60 direct customers were affected for the cyber attack with a ransomware on Friday, which forced a Swedish supermarket chain to close 800 stores since then after seeing their boxes affected.
Adding the indirect victims – that is, the clients of his clients – Kaseya “believes that, in total, less than 1,500 companies were affected,” according to his website.
“It appears that this has caused minimal harm to American businesses,” President Joe Biden said during a news conference.
Government services “are still in the process of gathering information on the scope of the attack,” he said, promising more details “in the coming days.”
Attacks of ransomware or blackmail programs, in which hackers encrypt computer systems and demand a ransom to unlock them, have become common.