An extensive and automated has occurred in the last few hours VMWare cyber attack unleashed by cyber-criminals all over the world, including Italy, which affected VMWare ESXi systems. But the extent of this event and above all the consequences are still to be clarified.
NordVPN: Best VPN service. Safe surfing online
Cybersecurity expert comments on global VMWare cyberattack
Marco LucchinaChannel Manager Italy, Spain and Portugal of Quitecomments on the VMWare hack.
“Through monitoring with Open Source Intelligence tools – the same ones used by the attackers – to date we have identified 44 compromised companies in Italy and another 404 potentially compromised. The remainder are mainly systems hosted by service providers (typical of these campaigns) as they are unmanaged and sometimes even forgotten systems. Furthermore, some of these potential targets are certainly honeypots, a system or hardware or software component used as a “trap” or “bait” used to observe the attack mechanism from the inside and obtain the appropriate IoCs – Indicators of compromise -” .
Furthermore, for Marco Lucchina, the alarm was raised in way “excessive”, triggering panic without any context information. The expert continues: “An infodemic situation has arisen: last night we received dozens of requests for intervention without any valid reason. We had been observing the unfolding of the attack for several days and, in recent years, we have had to face even more dangerous ones”.
Hands of hacker on a laptop
Finally, according to Marco Lucchina: “It must be considered that most of the companies targeted were unable to have a structured approach to the incident, as they do not have adequate monitoring solutions for their systems.”
China, what is it
Quite is the world’s first Autonomous Breach Protection (AutoXDR) that natively integrates the attack prevention and detection capabilities of Endpoint, User, Network, LOG and Cloud – XDR – with an incident engine that fully automates investigation and of remediation, backed by a world-class 24/7 MDR service.
Fully automated, end-to-end breach protection is now within the reach of any organization, regardless of the size and skill level of the security team.