BOSTON, US: Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit.
An affiliate of the notorious REvil gang, best known for extorting $11 million from the meat-processor JBS after a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said. They reported ransom demands of up to $5 million.
The FBI said in a statement Sunday that it was investigating the attack along with the federal Cybersecurity and Infrastructure Security Agency, though “the scale of this incident may make it so that we are unable to respond to each victim individually.” Deputy National Security Adviser Anne Neuberger later issued a statement saying President Joe Biden had “directed the full resources of the government to investigate this incident” and urged all who believed they were compromised to alert the FBI.
Biden suggested Saturday the US would respond if it was determined that the Kremlin is at all involved.
The attack comes less than a month after Biden pressed Russian President Vladimir Putin to stop providing safe haven to REvil and other ransomware gangs whose unrelenting extortionary attacks the US deems a national security threat.
A broad array of businesses and public agencies were hit by the latest attack, apparently on all continents, including in financial services, travel and leisure and the public sector — though few large companies, the cybersecurity firm Sophos reported. Ransomware criminals break into networks and sow malware that cripples networks on activation by scrambling all their data. Victims get a decoder key when they pay up.
The Swedish grocery chain Coop said most of its 800 stores would be closed for a second day Sunday because their cash register software supplier was crippled. A Swedish pharmacy chain, gas station chain, the state railway and public broadcaster SVT were also hit.
In Germany, an unnamed IT services company told authorities several thousand of its customers were compromised, the news agency dpa reported. Also among reported victims were two big Dutch IT services companies — VelzArt and Hoppenbrouwer Techniek. Most ransomware victims don’t publicly report attacks or disclose if they’ve paid ransoms.
CEO Fred Voccola of the breached software company, Kaseya, estimated the victim number in the low thousands, mostly small businesses like “dental practices, architecture firms, plastic surgery centers, libraries, things like that.”
Voccola said in an interview that only between 50-60 of the company’s 37,000 customers were compromised. But 70 percent were managed service providers who use the company’s hacked VSA software to manage multiple customers. It automates the installation of software and security updates and manages backups and other vital tasks.
Experts say it was no coincidence that REvil launched the attack at the start of the Fourth of July holiday weekend, knowing US offices would be lightly staffed. Many victims may not learn of it until they are back at work on Monday. The vast majority of end customers of managed service providers “have no idea” what kind of software is used to keep their networks humming, said Voccola,
Kaseya said it sent a detection tool to nearly 900 customers on Saturday night.
John Hammond of Huntress Labs, one of the first cybersecurity firms to sound the alarm on the attack, said he’d seen $5 million and $500,000 demands by REVil for the decryptor key needed to unlock scrambled networks. The smallest amount demanded appears to have been $45,000.
Sophisticated ransomware gangs on REvil’s level usually examine a victim’s financial records — and insurance policies if they can find them — from files they steal before activating the data-scrambling malware. The criminals then threaten to dump the stolen data online unless paid. It was not immediately clear if this attack involved data theft, however. The infection mechanism suggests it did not.
“Stealing data typically takes time and effort from the attacker, which likely isn’t feasible in an attack scenario like this where there are so many small and mid-sized victim organizations,” said Ross McKerchar, chief information security officer at Sophos. “We haven’t seen evidence of data theft, but it’s still early on and only time will tell if the attackers resort to playing this card in an effort to get victims to pay.”
Dutch researchers said they alerted Miami-based Kaseya to the breach and said the criminals used a “zero day,” the industry term for a previous unknown security hole in software. Voccola would not confirm that or offer details of the breach — except to say that it was not phishing.
“The level of sophistication here was extraordinary,” he said.
When the cybersecurity firm Mandiant finishes its investigation, Voccola said he is confident it will show that the criminals didn’t just violate Kaseya code in breaking into his network but also exploited vulnerabilities in third-party software.
It was not the first ransomware attack to leverage managed services providers. In 2019, criminals hobbled the networks of 22 Texas municipalities through one. That same year, 400 US dental practices were crippled in a separate attack.
One of the Dutch vulnerability researchers, Victor Gevers, said his team is worried about products like Kaseya’s VSA because of the total control of vast computing resources they can offer. “More and more of the products that are used to keep networks safe and secure are showing structural weaknesses,” he wrote in a blog Sunday.
The cybersecurity firm ESET identified victims in least 17 countries, including the United Kingdom, South Africa, Canada, Argentina, Mexico, Indonesia, New Zealand and Kenya.
Kaseya says the attack only affected “on-premise” customers, organizations running their own data centers, as opposed to its cloud-based services that run software for customers. It also shut down those servers as a precaution, however.
Kaseya, which called on customers Friday to shut down their VSA servers immediately, said Sunday it hoped to have a patch in the next few days.
Active since April 2019, REvil provides ransomware-as-a-service, meaning it develops the network-paralyzing software and leases it to so-called affiliates who infect targets and earn the lion’s share of ransoms. US officials say the most potent ransomware gangs are based in Russia and allied states and operate with Kremlin tolerance and sometimes collude with Russian security services.
Cybersecurity expert Dmitri Alperovitch of the Silverado Policy Accelerator think tank said that while he does not believe the Kaseya attack is Kremlin-directed, it shows that Putin “has not yet moved” on shutting down cybercriminals.
Scale, details of massive Kaseya ransomware attack emerge
https://arab.news/bjqyr
Scale, details of massive Kaseya ransomware attack emerge
- An affiliate of the notorious REvil gang infected thousands of victims in at least 17 countries on Friday, cybersecurity researchers say
- Ransomware criminals break into networks and sow malware that cripples networks on activation. Victims get a decoder key when they pay up
Saudi Arabia, Azerbaijan sign SME deal to strengthen trade ties
RIYADH: Saudi Arabia and Azerbaijan have signed a comprehensive agreement focused on strengthening economic collaboration through the development of small and medium-sized enterprises, in a move that underscores both nations’ commitment to enhancing bilateral trade and investment.
The memorandum of understanding was formalized during the 8th session of the Saudi-Azerbaijani Joint Committee, held in Riyadh. It was signed between Saudi Arabia’s Small and Medium Enterprises General Authority, known as Monsha’at, and Azerbaijan’s Small and Medium Business Development Agency, known as KOBIA.
The SME agreement aligns with Saudi Arabia’s Vision 2030 strategy, which prioritizes economic diversification and entrepreneurship. For Azerbaijan, it marks another step in forging strategic partnerships in the Gulf region to bolster private-sector growth and create new market opportunities for innovative enterprises.
In a statement posted on X, Monsha’at said: “In the presence of H.E Minister of Investment, Eng. Khalid bin Abdulaziz Al-Falih, and the Deputy Prime Minister of the Republic of Azerbaijan, Samir Sharifov, Monsha’at, signed a MoU with ‘KOBİA’ Agency, as part of the 8th session of the Saudi-Azerbaijani Joint Committee activities, to strengthen cooperation in supporting the SMEs and entrepreneurship’s growth between the two countries.”
The agreement encompasses a broad range of initiatives, including knowledge exchange, joint training programs, and support for technical innovation. It also promotes investment opportunities, cross-border partnerships, and institutional collaboration through exhibitions and shared platforms.
In a separate announcement, the Saudi Ministry of Investment revealed the signing of two additional memorandums of understanding between private-sector companies from both countries.
“These agreements cover the development of maritime infrastructure and the establishment of industrial and medical facilities in the Kingdom, including the production of biotechnology and oncology medicines, the establishment of research and development centers, and infrastructure for re-export warehouses,” the Ministry noted in a post on X.
The joint committee also reviewed a series of potential joint ventures aimed at strengthening cooperation across mutually beneficial sectors. These initiatives are closely aligned with both countries’ long-term goals for economic diversification.
Officials from Saudi Arabia and Azerbaijan emphasized the importance of fostering dynamic SME ecosystems as engines of job creation, innovation, and global competitiveness. By aligning policy frameworks and enabling institutional collaboration, the two nations aim to unlock greater private-sector engagement and regional trade expansion.
Closing Bell: Saudi main index closes in red at 11,746
RIYADH: Saudi Arabia’s Tadawul All Share Index dipped on Tuesday, losing 38.43 points, or 0.33 percent, to close at 11,746.20.
The total trading turnover of the benchmark index was SR6.87 billion ($1.83 billion), as 86 stocks advanced, while only 157 retreated.
The MSCI Tadawul Index decreased by 5 points, or 0.33 percent, to close at 1,493.77.
The Kingdom’s parallel market, Nomu, dipped, losing 89.34 points, or 0.31 percent, to close at 28,331.37. This comes as 35 stocks advanced, while 43 retreated.
The best-performing stock on the main index was Arabian Contracting Services Co., with its share price surging by 9.88 percent to SR131.20.
Other top performers included Al-Baha Investment and Development Co., which saw its share price rise by 4.94 percent to SR4.25, and Sumou Real Estate Co., which saw a 3.93 percent increase to SR 46.25.
The worst performer of the day was Alistithmar AREIC Diversified REIT Fund, whose share price fell by 3.39 percent to SR9.41.
Saudi Tadawul Group Holding Co. and Saudi Kayan Petrochemical Co. also saw declines, with their shares dropping by 2.94 percent and 2.83 percent to SR185 and SR5.83, respectively.
On the announcements front, Alinma Bank announced its interim financial results for the first three months of the year, with net profit amounting to SR1.5 million, a 1.3 percent dip compared to the previous quarter.
The bank’s total comprehensive income saw a 56 percent increase in the first quarter of 2025 to reach SR1.6 million.
Saudi Ceramic Co. also announced its financial results for the same period, with its net profit dipping by 88.4 percent to SR20.8 million compared to the previous quarter. Similarly, the company’s total comprehensive income saw a decrease of 88.7 percent to SR20.8 million.
Saudi Ceramic Co.’s share price traded 3.15 percent higher on the main market to reach SR27.85.
In the first quarter of 2025, Astra Industrial Group’s net profits saw a 30.7 percent quarter-on-quarter increase to reach SR171.8 million. The group attributed the increase to an uptick in gross profit in the pharmaceuticals sector and a decrease in finance costs in the specialty chemical sector.
The group’s share price traded 0.52 percent lower to reach SR153.
Diriyah Co. awards $1.13bn contract for King Saud University relocation
JEDDAH: Saudi Arabia’s Diriyah Co. has awarded a SR4.22 billion ($1.13 billion) construction contract to relocate King Saud University’s utilities and administration offices, advancing infrastructure development in one of the Kingdom’s flagship urban projects.
The project was given to a joint venture between China Railway Construction Corp.’s Saudi branch and China Railway Construction Group Central Plain Construction Co., according to a press release.
Part of the Public Investment Fund’s giga-project portfolio, the Diriyah development is a 14 sq. km mixed-use district poised to house nearly 100,000 residents and provide office space for tens of thousands of professionals across the technology, media, arts, and education sectors.
Once complete, it is expected to generate 178,000 jobs, attract nearly 50 million annual visitors, and contribute SR70 billion to Saudi Arabia’s gross domestic product.
Jerry Inzerillo, group CEO of Diriyah Co., said: “We are delighted to announce this major contract to support King Saud University, whose campus adjoins the Diriyah development area.”
He emphasized that the agreement represents a significant step in furthering efforts to enhance both educational and infrastructural excellence in the Kingdom.
“We are proud to support one of the Kingdom’s leading academic institutions in delivering enhanced infrastructure services that will benefit both its students and the broader university community,” Inzerillo said.
The contract includes the design and construction of several critical infrastructure components. These include a district cooling plant, water storage facilities, and a sewage treatment plant, as well as an LPG/SNG plant and a diesel pumping station.
The scope also covers a utility tunnel, irrigation tanks, office buildings, warehouses, and maintenance workshops.
Li Chongyang, chairman of China Railway Construction International Group, said the project reflects the firm’s commitment to delivering world-class infrastructure to the highest standards.
“We look forward to contributing to the success of this iconic project and supporting the continued growth of King Saud University,” he said.
This latest award brings the total value of contracts issued by Diriyah Co. in 2025 to over $2.9 billion, as the area undergoes rapid transformation into a global destination aligned with Vision 2030.
Qatar attracts $13.8m industrial investments in Q1
JEDDAH: Qatar recorded 50 million riyals ($13.8 million) in new industrial investments and a 32 percent rise in commercial registrations in the first quarter of 2025, underscoring momentum in its economic diversification and reform agenda.
At its quarterly meeting held on April 28 and chaired by Minister of Commerce and Industry Sheikh Faisal bin Thani Al-Thani, the ministry reviewed key performance indicators and introduced several policy updates aimed at bolstering the business environment.
Among the major reforms highlighted were streamlined company registration procedures for foreign investors and simplified environmental permitting processes.
“The meeting also discussed cooperating with the Ministry of Transport to include logistical activities under a single commercial registration; and announcing the automatic issuance of a tax card upon issuing a commercial registration,” the ministry said in a press release.
In January, Qatar unveiled two major policy frameworks: the Ministry of Commerce and Industry Strategy and the Qatar National Manufacturing Strategy 2024–2030. Under the theme “Achieving Sustainable Economic Growth,” the initiatives are aligned with Qatar National Vision 2030 and aim to enhance private sector participation, expand manufacturing capabilities, and attract foreign direct investment.
The strategies target a 3.4 percent compound annual growth rate in non-oil sectors by 2030 and aim to secure $100 billion in foreign investment, while promoting an innovation-driven economy.
As part of its efforts to support local industry, the ministry launched a new “National Product” webpage to promote fair competition and improve product quality. The verification period also began for factories seeking benefits under the In-Country Value Plus policy.
“The meeting further discussed the key performance indicators for various sectors and administrative units. Results showed that the contribution of the manufacturing sector to real gross domestic product reached 52.4 billion riyals in 2024,” the ministry said.
Qatar also made notable gains in global competitiveness, climbing from 18th in 2022 to 11th in 2024 in the International Institute for Management Development’s business efficiency rankings.
During the first quarter, the ministry conducted 39,558 inspection campaigns and reported significant progress under the Third National Development Strategy.
“The meeting also reviewed the progress of projects under the Third National Development Strategy – concluding that 17 percent of the ministry’s projects were completed and work is ongoing on 23 percent of projects,” the report said.
Efforts to reduce service fees and simplify business registration for overseas investors have contributed to an 87 percent increase in new commercial licenses compared to the same period in 2024. The time required to issue commercial registrations has also decreased significantly.
“Furthermore, the increase of permissible activities for home-based businesses from 10 to 63 activities led to a 54 percent surge in the number of home business licenses,” the ministry noted.
The Single Window platform introduced three new e-services in the first quarter, with 38 additional services scheduled for rollout later this year, supported by strong user satisfaction.
“Local patent applications, trademark registration applications, and copyright registration applications grew by more than 18 percent compared to the first quarter of 2024,” the statement added.
On the industrial front, eight new factories were launched in Q1, and non-hydrocarbon industrial exports reached approximately 29.8 billion riyals. The ministry also began reviewing six potential public-private partnership opportunities.
In consumer affairs, authorities ramped up inspection and awareness campaigns to deter trade violations and reviewed the nation’s strategic stockpile and food and fodder security.
The meeting was attended by Minister of State for Foreign Trade Affairs Ahmed bin Mohammed Al-Sayed, Undersecretary Mohamed bin Hassan Al-Maliki, assistant undersecretaries, and department directors.
It concluded with a review of project milestones and discussions on overcoming implementation challenges while improving operational performance.
Warehouse occupancy in Saudi Arabia nearing saturation: Knight Frank
RIYADH: Saudi Arabia’s industrial and logistics market is experiencing growth, with warehouse occupancy rates nearing saturation and rental prices in Riyadh increasing by 16 percent year-on-year, according to Knight Frank.
The firm’s latest “Saudi Arabia Industrial and Logistics Market Review” highlighted a booming sector driven by e-commerce expansion, strategic government initiatives, and surging foreign investment.
The Kingdom’s logistics hubs — Riyadh, Jeddah, and the Dammam Metropolitan Area— are operating at near-full capacity.
Riyadh leads with a 98 percent occupancy rate, while Jeddah and Dammam follow closely at 97 percent each.
This momentum was also reflected in occupancy rates in Abu Dhabi with its industrial and logistics market maintaining near-full capacity, mirroring Dubai’s tight supply.
Key hubs like Khalifa Economic Zones Abu Dhabi and Abu Dhabi Airports Free Zone saw sustained demand, driven by strategic infrastructure projects and growing manufacturing activity, according to a separate report by Knight Frank.
Riyadh’s prime warehouse spaces now command rents exceeding SR250 ($66.6) per sq. meter, while city-wide averages hit SR208.
“Despite a slowdown in demand during the second half of the year, city-wide rental rates increased by 16 percent year-on-year,” the report said.
Jeddah’s lease rates for Grade B facilities rose to SR238 per sq. meter, with the high-end Asfan district maintaining 100 percent occupancy at SR387 per sq. meter. Dammam Metropolitan Area saw rents jump 14.8 percent to SR202 per sq. meter, fueled by a chronic shortage of quality logistics space.
E-commerce and mega-projects fuel growth
Rapid urbanization, a tech-savvy consumer base, and giga-projects like the Special Integrated Logistics Zone and Sino-Saudi Logistics Zone are reshaping demand.
“Demographic shifts including rapid urbanization, increased female workforce participation, and a tech-savvy Gen Z and millennial consumer base are accelerating the growth of the e-commerce sector,” the report stated.
The 3-million-sq. meter Special Integrated Logistics Zone has attracted global players like SHEIN and Apple, while the 4-million-sq. meter Sino-Saudi zone aims to strengthen trade ties with China.
Government initiatives and private investment
The National Industrial Development and Logistics Program is a cornerstone of the Kingdom’s industrial strategy, aiming to increase the transport and logistics sector’s contribution to the gross domestic product to 10 percent by 2030, from 6 percent in 2021.
Public-private partnerships are flourishing, with projects like the Tamer Logistics Park and Agility Logistics Park set to expand supply in key regions.
“Substantial investments to improve and expand connectivity and trade infrastructure, along with regulatory reforms are helping transform Saudi Arabia into a logistics powerhouse,” the report emphasized.
Sustainability and digital transformation
The sector is also pivoting toward sustainability and automation. Companies like Maersk and Agility are adopting solar-powered warehouses, while digital tools streamline operations.
“Sustainability has become a major market driver, with companies integrating renewable energy fields and LEED-certified buildings,” said Adam Wynne, partner at Knight Frank.
With 36,000 factories projected by 2035 and FDI reforms attracting multinationals, Knight Frank predicts sustained growth.
“Saudi Arabia is on track to become a regional logistics powerhouse,” Wynne said, citing the Kingdom’s integration of “global expertise, modern infrastructure, and green initiatives.”
