The Antwerp ICT service provider ITxx is currently being hit by a ransomware attack. As a result, fifty of the company’s customers, mainly SMEs, no longer have access to their data or to backups, says Steven Holvoet of ITxx.
–
The attack has been going on since Friday. The hackers, who remain unknown for the time being, were able to encrypt all data and emails from the company and from fifty hosted customers. As a result, ITxx’s customers – mainly SMEs active in human resources, interim offices and service voucher companies – have no access to their IT data or their back-ups for the time being.
ITxx is working with the Computer Crime Unit of the Federal Judicial Police and with ransomware specialists from the cybersecurity company Secutec on a solution “to enable a safe reboot”, it sounds in a press release. The company does not want to say whether it is considering paying a ransom. Holvoet cannot say exactly how much ransom the hackers demand and whether or not they demand crypto coins, but “they ask a lot of ransom, a hundred times what is usually asked”. Holvoet expects that the problems will continue for at least a few more days.
The attack would have nothing to do with the IT management software from supplier Kaseya VSA. Earlier in the day, the Belgian cyber watchdog CERT issued a warning. Through the program, hackers can lock computers and take hostage. In the meantime, more than 200 companies worldwide have been affected, but this would be a ‘classic’ ransomware attack. According to owner Holvoet, the Antwerp company does not use that software.
READ MORE. Government warns after major cyber attack by Russian hackers: “Disable this software immediately”
The Center for Cyber Security (CCB) posted a warning on its website on Saturday about the major cyber attack that has affected at least 200 companies since Friday night, including in the United States. All Belgian organizations that work with Kaseya VSA are asked to switch off that system immediately.
– .
