ROME, Feb 6 (Reuters) – The global ransomware hacking attack that targeted thousands of computer servers in Italy and other countries likely came from cybercriminals and not from a state or state-like entity, Italy’s government said on Monday.
“No evidence has emerged pointing to an aggression by a state or hostile state-like entity”, the government said in a statement, adding that no major institution or company operating in critical sectors for national security had been affected.
Thousands of computer servers have been targeted by a global ransomware hacking attack targeting VMware ESXi servers, Italy’s National Cybersecurity Agency (ACN) said, warning organisations to take action to protect their systems.
The hacking attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on a massive scale.
A spokesperson for VMware said the software firm is aware of the report and that it issued patches in February 2021 when it discovered the vulnerability that is now being exploited, urging customers to apply the patch if they have not done so.
Italy’s ANSA news agency, citing the ACN, reported that servers had been compromised in other European countries such as France and Finland as well as the United States and Canada.
Dozens of Italian organisations were likely to have been affected and many more had been warned to take action to avoid being locked out of their systems.
Telecom Italia TLIT.MI customers reported internet problems earlier on Sunday, but the two issues were not believed to be related.
U.S. cybersecurity officials said they were assessing the impact of the reported incidents.
“CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed,” the U.S. Cybersecurity and Infrastructure Security Agency said.