JAKARTA - The Italian National Cybersecurity Agency (ACN) said on Sunday, February 5 that thousands of computer servers had been targeted by a global ransomware hacking attack targeting the ESXi VMware server. They also warned a number of organizations to take action to protect their systems.
The hacking attack attempted to exploit software vulnerabilities, ACN Director General Roberto Baldoni told Reuters. He also added that it was done on a large scale.
A VMware spokesperson said the software company was aware of the report and issued a patch in February 2021 when it discovered a vulnerability that is now being exploited. They also urge customers to implement a patch if they haven't done so.
The Italian ANSA news agency, citing ACN, reported that servers have been compromised in other European countries such as France and Finland as well as the United States and Canada.
Dozens of Italian organizations have most likely been affected and many more have been warned to take action not to be locked off their systems.
Italian Telecom subscribers reported previous internet problems last Sunday, but both issues are believed to be unrelated.
US cybersecurity officials also said they assessed the impact of the reported incident.
"CISA is working with our public and private sector partners to assess the impact of this reported incident and provide assistance if necessary," the US Infrastructure Cybersecurity and Security Agency said.
For information, ESXi's VMware is a hypervisor running a virtual operating system on top of the hardware infrastructure. ESXi divides physical resources such as CPU, RAM, and storage into various virtual machines running the operating system and applications.
ESXi's VMware helps optimize the use of resources and makes IT management easier by allowing administrators to manage multiple virtual machines from one location.
It also allows the use of more efficiently than physical resources and improves reliability and security by separating the virtual environment from the physical environment.
ESXi's VMware, such as operating systems and other software, has the potential to be hacked and breached by attackers who seek to access confidential information or take over the system. Some of the vulnerable sides of ESXi's VMware include:
Network security: If the network is not properly configured, or if there are no adequate precautions, hackers can penetrate the network and access the ESXi hosts.
Access control security: ESXi doesn't have strong authentication systems like firewalls or proxy servers, which makes it easy for hackers to penetrate the system.
Information security: If the configuration is not done properly, or if there are no adequate precautions, hackers can access information stored on the ESXi system.
To address this potential threat, ESXi's VMware provides some of the security and management features that help in preventing and overcoming attacks. However, to ensure security, it is essential for users to regularly monitor the system and update the software.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)