The perpetrators of a “colossal” ransomware attack have demanded $70 million (£50.5 million) in Bitcoin in exchange for a “universal decryptor” that they claim will unlock all victims’ files.
The REvil organization claims to have infected one million “systems” with its malware (huge), which was first targeted at US IT firm Kaseya. The actual number of victims is unknown because this number has not been verified. It does, however, contain 500 Swedish Coop stores and 11 New Zealand schools. According to local media sources, two Dutch IT enterprises have also been harmed.
Counting victims:
Huntress Labs, a cyber-security company, estimates that roughly 200 businesses were hit on Friday. The “supply chain” attack started with Kaseya and then expanded to other companies who use its software. Fewer than 40 of Kaseya’s own clients were affected, according to the company. However, because Kaseya sells software to managed service providers, which in turn give outsourced IT services to other businesses, the number of people affected could be significantly higher.
- Want to know more about Bitcoins?
Within those affected organizations, the number of individual computer systems could be even higher. According to the Associated Press, Kaseya CEO Fred Voccola estimates that the number of victims will be in the thousands, with small businesses like dentistry practices and libraries making up the majority of the casualties. For hundreds, if not thousands, of IT staff around the world, the ransomware onslaught has been a nightmare that is only getting worse.
However, the way the cyber-security community has banded together to mitigate this huge attack’s damage has been extraordinary. Private and public sector cyber-defenders have started sending alerts as specialists figure out how to effectively unravel the network of victims. If it hadn’t been for a hectic and stressful weekend at work, there may have been considerably more victims.
However, we now know that the REvil hackers were aware of the secret digital entryway in the Kaseya system before the attack. Long before the hackers discovered the flaw, researchers from the Dutch Institute for Vulnerability Disclosure discovered it and were assisting Kaseya in closing it. It was a race between the good hackers and the evil hackers to prevent the bad hackers from getting in, and as the institute’s Victor Gevers puts it, “Unfortunately, we were beaten by REvil in the last sprint.” This story demonstrates how competent, persistent, huge and determined these criminals are, and how, despite all of the cyber-security industry’s efforts, we are losing the race against ransomware.
Please check out the following website for further news articles: