Global ransomware activity that targeted thousands of computer servers in Italy and other countries was probably the handiwork of criminal hackers and not a state or state-like entity, the Italian government said on Monday.
Italy’s National Cybersecurity Agency (ACN) said on Sunday that hackers had targeted thousands of computer servers around the world running on VMware “ESXi” software.
“No evidence has emerged pointing to aggression by a state or hostile state-like entity”, an Italian government statement said, adding that no major Italian institution or company operating in critical national security sectors had been affected.
The hack was identified on Feb. 3 and reached its peak on Sunday, said the statement, which added that the hackers were taking advantage of a software exploit first identified two years earlier, in February 2021.
“Some of the recipients of that advice took the warning into due consideration, others did not and unfortunately are now paying the consequences,” the statement added.
VMware’s “ESXi” is a kind of hypervisor – software which runs virtual computers. Those virtual systems are sold by some internet hosting companies as low-cost alternatives to running real, physical servers.