Israeli-based U.S. IT provider Ness Digital Engineering came under a cyberattack on Monday, impacting computers in India, the United States and perhaps Israel.
Ness Technologies Israel, which was part of the global Ness corporation until its sale seven years ago, may also have been vulnerable to cybercriminals but is now helping defend computer networks in India against the attack.
The attackers used Ranger Locker ransomware technology to demand an undisclosed amount of money to unlock seized computer workstations.
There have not been reports of ongoing negotiations with the attackers, so far.
However, cybersecurity experts say their main concern is that the company's supply chain may have been breached.
Ness Israel CEO Shahar Efal said that his customers — among them government ministries, hospitals and local municipalities — were not compromised in the attack.
According to some early indications, the attack originated through the Ness Israel network, which might have been compromised through an email phishing scam, and had further spread to the global network, though these concerns have yet to receive an official confirmation.
"The attack began last night," a source told Ynet. "It is a serious, ongoing event. The company is trying to contain the attack internally and seemed, thus far, to have successfully contained it without risking customers."
In a statement to customers, the company reiterated that Ness Israel was no longer a part of the global corporation and therefore was not compromised in the attack.
Cybersecurity expert Anat Meiron said that this attack sheds light on the challenges that IT companies are facing.
"We now know that this kind of ransom attacks can reach thousands of workstations quickly and disseminate information it captured to cause further legal and financial damage to businesses."
"companies with international branches must be prepared," she said. "And must adhere to local regulatory demands."
The National Cyber Security Authority said in a statement that no Israeli companies were involved in the attack.