Roberto Baldoni, Director General of Italy’s National Cyber Security Organization, told Reuters: This hacking attack exploits a software vulnerability and is being carried out on a large scale.
The Italian government announced that the country’s National Cyber Security Organization would meet with senior officials on Monday morning to assess the situation.
Stefano Zanero, a professor of cyber security at Polytechnic Institute of Milan, stated in an interview: This vulnerability, which is the target of exploitation, is a two-year-old vulnerability and should have been patched by now, but apparently, many servers are still not protected.
A VMware spokesperson said the software company was aware of the report and released the security patch in February 2021 when the CVE-2021-21974 vulnerability, which is now being exploited by hackers, was identified. The company asked its customers to do so immediately if they had not yet applied these patches.
It is not yet known whether a group has claimed responsibility for the latest attack. According to public reports, ransomware called ESXiArgs is exploiting the CVE-2021-21974 vulnerability.
Ransomware is malware that locks a victim’s files and demands money for the hackers to provide the decryption key.
Italy’s ANSA news agency reported that servers in other European countries, such as France and Finland, as well as the United States and Canada, were targeted by this attack, referring to the warning of the country’s National Cyber Security Organization.
Dozens of Italian organizations have probably been targeted by this attack, and many others have been warned to avoid infecting their systems with this ransomware.
Customers of the Italian telecommunications company reported internet problems on Sunday, but the two problems are not believed to be related.
According to a Reuters report, US cybersecurity officials said they were assessing the impact of the reported incidents. The US Cyber Security and Infrastructure Security Agency announced that this organization has been working with public and private sector partners to assess the impact of the reported incidents and will provide the necessary assistance if needed.