3,200 Sytems Attacked
So far, roughly 3,200 systems have been attacked, Bleeping Computer reported. It appears that financial gain was not at the root of the infections but instead, it looks like a campaign bent on disruption, reports said. In Italy, the Italian ANSA news agency said the ransomware campaign had already caused “significant” damage owing to a high number of unpatched computers.France appears to be the most affected country, followed by the U.S., Germany, Canada and the United Kingdom. Not only do the attacks underscore timely patching but also re-emphasize the importance of managed security service providers (MSSPs) assisting organizations to follow through on installing fixes.A VMware spokesperson told TechCrunch that the company knew of the break, which “appears to be leveraging the vulnerability identified as CVE-2021-21974.”The spokesperson confirmed that the exploit had been patched two years ago and made available to customers at that time:“Security hygiene is a key component of preventing ransomware attacks, and organizations who are running versions of ESXi impacted by CVE-2021-21974, and have not yet applied the patch, should take action as directed in the advisory.”
CISA Enters Conversation
The U.S. the Cybersecurity and Infrastructure Security Agency (CISA) issued a statement to TechCrunch that said:“CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed. Any organization experiencing a cybersecurity incident should immediately report it to CISA or the FBI.”