ROME (Reuters) – Thousands of computer servers around the world have been targeted by a ransomware attack targeting VMware ESXi servers, Italy’s national cyber security agency (ACN) said on Sunday, warning organizations to take measures to protect their systems.
ACN CEO Roberto Baldoni told Reuters the hacker’s goal was to exploit a software vulnerability, adding that it was massive.
A VMware spokesperson said the company is aware of the incidents and has issued patches for the two-year-old vulnerability that is being used in February 2021, urging its customers to apply the patch if they haven’t already.
The Italian news agency ANSA, citing ACN, reported that servers were hacked in other European countries such as France and Finland, as well as in the United States and Canada.
Dozens of Italian organizations are believed to have been affected, and many others have been warned to take steps to avoid having their systems blocked.
Telecom Italia customers reported internet problems earlier on Sunday, but the two issues were not linked.
US Cybersecurity officials said they were assessing the impact of the reported incidents.
“CISA is working with our partners in the public and private sectors to assess the impact of these reported incidents and provide assistance as needed,” the US Cybersecurity and Infrastructure Security Agency said in a statement.
(Reporting by Elvira Paulina and Crystal Hu; Writing by Keith Weir; Editing by Ian Harvey and Lisa Shumaker)