Italian cyber security agency warns organizations of ransomware attack: reports

Ransomware targets 2-year-old vulnerability VMware released patches for.

Italy’s National Cybersecurity Agency, ACN, warned organizations to act in protecting their computer systems as thousands of computer servers around the globe were under attack by ransomware targeting VMware (WMW.N) ESXi servers, according to reports

Roberto Baldoni, the ACN director general, told Reuters the attack was looking to find and expose a vulnerability in the software, adding that the attack was taking place on a large scale.

hacker ransomware attack

Unrecognizable young hacker in hoodie using laptop in blurry city. Concept of cybersecurity. Toned image. Double exposure of security interface (iStock / iStock)

A VMware representative told the news agency they were aware of the incidents and released patches to protect systems against exposing a two-year-old vulnerability that was being exploited back in February 2021.

LASTPASS HACK: CYBERSECURITY EXPERTS SOUND THE ALARM OVER DATA BREACHES

All customers who did not apply the patch were urged by VMware to do so.

"Security hygiene is a key component of preventing ransom attacks, and customers who are running versions of ESXi impacted by CVE-2021-21974, and have not yet applied the two-year-old patch, should take action as directed in the advisory," a representative from VMware said on Sunday.

The attacks targeted VMware servers in places like France, Finland, Canada and the U.S., according to ACN.

Internet Hacking

A person dressed as an internet hacker is seen with binary code displayed on a laptop screen in this illustration photo taken in Krakow, Poland in August.  (Jakub Porzycki/NurPhoto via Getty Images / Getty Images)

Any organizations that were targeted could become locked out of their systems because of the ransomware. 

CHATGPT BEING USED TO WRITE MALWARE, RANSOMWARE: REPORTS

According to Reuters, dozens of organizations in Italy were likely to be attacked, and many more were warned to apply the patches.

Cybersecurity officials in the U.S. were assessing the situation.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

"CISA is working without public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed," the U.S. Cybersecurity and Infrastructure Security Agency told Reuters.

Reuters contributed to the reporting of this story.