![[Italy] Attack on unpatched systems caused nationwide internet outage](http://globalpayrollassociation.com/cdn/shop/articles/bigstock-November---Parma-Italy-Vm-335685634_1200x.jpg?v=1675926030)
On February 5, a global ransomware attack succeeded in taking Italy’s Internet down, after attackers exploited unpatched VMware ESXi servers, IT-Online reports.
The country’s Internet was reportedly restored by Sunday night, but the Italian National Cybersecurity Agency has warned that other countries – including France, Finland, the US and Canada – are potentially next in line to be attacked.
In a statement, software company VMware said it is believed that a ransomware variant dubbed ESXiArgs is leveraging CVE-2021-21974, a two-year-old vulnerability.
Patches for the vulnerability were made available in VMware’s security advisory of February 23, 2021, according to the statement.
“Security hygiene is a key component of preventing ransomware attacks, and customers who are running versions of ESXi impacted by CVE-2021-21974, and have not yet applied the patch, should take action as directed in the advisory,” a VMware spokesman said.
He reportedly added that further guidance for hardening ESXi is available in VMware’s Security Configuration Guide.
“The security of our customers is a top priority at VMware, and we recommend that all customers join our security advisory mailing list and visit our Ransomware Resource Centre for detailed guidance on ransomware prevention, detection, and response.”
The US Cybersecurity and Infrastructure Security Agency is now working with its partners to assess the impacts of the attacks across Italy.
Source: IT-Online
(Quotes via original reporting)
On February 5, a global ransomware attack succeeded in taking Italy’s Internet down, after attackers exploited unpatched VMware ESXi servers, IT-Online reports.
The country’s Internet was reportedly restored by Sunday night, but the Italian National Cybersecurity Agency has warned that other countries – including France, Finland, the US and Canada – are potentially next in line to be attacked.
In a statement, software company VMware said it is believed that a ransomware variant dubbed ESXiArgs is leveraging CVE-2021-21974, a two-year-old vulnerability.
Patches for the vulnerability were made available in VMware’s security advisory of February 23, 2021, according to the statement.
“Security hygiene is a key component of preventing ransomware attacks, and customers who are running versions of ESXi impacted by CVE-2021-21974, and have not yet applied the patch, should take action as directed in the advisory,” a VMware spokesman said.
He reportedly added that further guidance for hardening ESXi is available in VMware’s Security Configuration Guide.
“The security of our customers is a top priority at VMware, and we recommend that all customers join our security advisory mailing list and visit our Ransomware Resource Centre for detailed guidance on ransomware prevention, detection, and response.”
The US Cybersecurity and Infrastructure Security Agency is now working with its partners to assess the impacts of the attacks across Italy.
Source: IT-Online
(Quotes via original reporting)