Last Updated: July 23, 2021
On the 4th of July 2021, REvil, a notorious Russian cybercrime gang, demanded $70 (£50.5) million via a dark web blog. In return, it would provide a tool to decrypt data affecting Kaseya’s customers in the Friday the 2nd attack.
Interestingly, despite publicly asking for $70 million, the cyber attackers are now approaching Kaseya’s customers individually. According to chief scientist and founder of Elliptic, Tom Robinson, they are negotiating for smaller amounts of about $200K.
Security experts also think it’s strange that the hackers are asking for Bitcoin payment. Responding to a Tweet by Satnam Narang, Professor Ciaran Martin, the National Cyber Security founder, called the move “weird.”
This form of currency is traceable, and most are wondering why they didn’t go for Monero, which is hard to track.
Just a few months back, the Department of Justice seized Darkside’s crypto loot of $2.3 million (63.7 bitcoins).
The Kaseya Connection
Kaseya is a Miami-based IT firm that supplies software to outsourcing shops. The establishments then offer affordable back-office services to smaller businesses.
On the 2nd of July, hackers managed to access data from one of the tools bringing companies to a standstill.
Scope of Damage
The criminal group claimed that the incident has affected millions of companies.
Insiders think that the criminals are chest-thumping, however. Fred Voccola, Kaseya’s chief executive officer, estimated the numbers to be in the thousands.
Verified figures as of now stand at 200 US businesses, 11 New Zealand schools, and 500 Swedish supermarkets.
Both public and private cyber defenders have done a commendable job, joining hands to limit the effects of the attack. They are issuing alerts constantly as they continue to uncover more victims.
Professor Martin blamed Russia for sheltering ransomware attackers. He also pointed out that affected nations were making a mistake by paying them off. He warned that giving in to their demands could motivate them to continue with their evil trade.
President Joe Biden has also weighed in on the matter. He said that security experts have not ascertained that Russia is creating a safe haven for online criminals for now. On Saturday, however, he gave the intelligence agencies the mandate to investigate the matter.