Thousands of computer servers around the world have been targeted by a ransomware hacking attack targeting VMware ESXi servers, Italy’s National Cybersecurity Agency (ACN) said, warning organisations to take action to protect their systems.
The attack sought to exploit a software vulnerability, ACN director general Roberto Baldoni told Reuters, adding it was on a massive scale.
A spokesperson for VMware said the company is aware of the incidents and it had issued patches for the two-year-old vulnerability in February 2021, urging its customers to apply the patch if they have not done so.
Italy’s ANSA news agency, citing the ACN, reported that servers had been compromised in other European countries such as France and Finland as well as the United States and Canada.
Dozens of Italian organisations were likely to have been affected and many more had been warned to take action to avoid being locked out of their systems.
US cyber security officials said they were assessing the impact of the reported incidents.
“CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed,” the US Cyber security and Infrastructure Security Agency said.