Ransomware Attacks in Europe Target Known Server Vulnerability, Cybersecurity Agencies Warn

Ransomware Attacks in Europe Target Known Server Vulnerability, Cybersecurity Agencies Warn
A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. Kacper Pempel/Illustration/Reuters
The Associated Press
Updated:

ROME—Cybersecurity agencies in Europe are warning of ransomware attacks exploiting a 2-year-old computer bug as Italy experienced widespread internet outages.

The Italian premier’s office said Sunday night the attacks affecting computer systems in the country involved “ransomware already in circulation” in a product made by cloud technology provider VMware.

A Friday technical bulletin from a French cybersecurity agency said the attack campaigns target VMware ESXi hypervisors, which are used to monitor virtual machines.

Palo Alto, California-based VMware fixed the bug back in February 2021 but the attacks are targeting older, unpatched versions of the product.

The company said in a statement Sunday that its customers should take action to apply the patch if they have not already done so.

“Security hygiene is a key component of preventing ransomware attacks,” it said.

The U.S. Cybersecurity and Infrastructure Security Agency said Sunday it is “working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed.”

The problem attracted particular public attention in Italy on Sunday because it coincided with a nationwide internet outage affecting telecommunications operator Telecom Italia, which interfered with streaming the Spezia v. Napoli soccer match but appeared largely resolved by the time of the later Derby della Madonnina between Inter Milan and AC Milan. It was unclear whether the outages were related to the ransomware attacks.