Its CEO stated that 800 to 1,500 companies around the world have been attacked by ransomware centered on U.S. information technology company Kaseya.

Fred Voccola, the chief executive of the Florida-based company, said in an interview on Monday that it is difficult to estimate the exact impact of Friday’s attacks, because the customers who were hit were mainly customers of Kaseya’s customers. .

Kaseya is a company that provides software tools for IT outsourcing stores: these companies usually handle back-office work for companies that are too small or have limited resources to have their own technical department.

One of these tools was compromised on Friday, allowing hackers to paralyze hundreds of businesses on five continents. Although most of the people affected have minor problems—such as dentists’ offices or accountants—in Sweden, hundreds of supermarkets had to close because cash registers were not working, or in New Zealand, schools and kindergartens were offline.

The hackers claiming to be responsible for the violations demanded $70 million to restore the data of all affected companies, even though they expressed their willingness to ease their demands in private conversations with cybersecurity experts and Reuters.

“We are ready to negotiate at any time,” a hacker representative told Reuters earlier on Monday. The representatives who spoke through the chat interface on the hacker website did not provide their names.

Wakora declined to say whether he was prepared to accept the hacker’s offer.

“I can’t comment on’yes’,’no’ or’maybe’,” he said when asked if his company would talk to hackers or pay. “Do not comment on anything related to negotiations with terrorists in any way.”

As ransomware attacks become more destructive and profitable, the topic of ransom payment has become more and more worrying.

Wakora said he had talked with officials from the White House, the FBI and the Department of Homeland Security about the violations, but declined to disclose what they told him about the payment or negotiations.

Exploited by hackers

On Sunday, the White House said it was checking whether there is any “national risk” in the ransomware outbreak, but Wakora said that so far, he is not aware of any important national organizations being attacked.

“We don’t consider large-scale critical infrastructure,” he said. “That’s not our business. We don’t run AT&T’s network or Verizon’s 911 system. There is no such thing.”

When the attack occurred, Kaseya was fixing a vulnerability in its software [File: Andrey Rudakov/Bloomberg]

Since Voccola’s company is repairing vulnerabilities in software used by hackers when performing ransomware attacks, some information security professionals speculate that hackers may have been monitoring their company’s communications from the inside.

Wakora said neither he nor the investigators brought by his company saw any signs.

“We don’t believe they are in our network,” he said. He added that “once it is’safe’ and can do so”, the details of the violation will be made public.

Some experts believe that the full consequences of this hack will be in focus on Tuesday, when Americans will return from their July 4th holiday weekend. Outside the United States, the most significant disruptions occurred in Sweden—hundreds of Coop supermarkets had to close because cash registers were unavailable—and New Zealand, where 11 schools and several kindergartens were affected.

One million machines were compromised

In conversations with Reuters, the hacker representative described the New Zealand outage as an “accidental”.

But they did not regret the interruption in Sweden.

The representative said that the closure of the supermarket “is just a business.”

According to research published by the network security company ESET, about a dozen organizations in different countries have been affected to some extent.

Mark Loman, director of engineering at the network security company Sophos, said the hacker REvil ransomware claimed that 1 million machines were compromised.

“Depending on the size of your business and whether you have a backup, it may take several weeks for you to restore everything, and because supermarkets in Sweden are affected, they may lose a lot of food and income,” he said.

Although many Coop stores are still closed on Monday, some stores have opened and allow customers to pay using an app called “Scan and Pay.”

“I don’t think we have seen anything on such a large scale before,” said Anders Nilsson, CTO of ESET Nordics. “This is the first time we have seen a grocery store unable to process payments, which shows how vulnerable we are.”