Suspected Russian Cybercriminals Demand $70 Million In Massive Ransomware Attack posted at 22:56:58 UTC
Michael Novakhov's favorite articles on Inoreader
(RFE/RL) — Suspected Russian-speaking cybercriminals behind what may be the largest ransomware attack to date have demanded $70 million in Bitcoin in exchange for a decryption tool as companies and security experts continued to assess the extent of damage.
Cybersecurity experts believe thousands of victims in at least 17 countries may be impacted by the attack on U.S.-based firm Kaseya, which provides information-technology (IT) services to some 40,000 businesses around the world.
Fred Voccola, CEO of Kaseya, said only about 50-60 of the company’s customers were compromised. However, 70 percent were so-called managed service providers who use the company’s hacked VSA software to manage multiple customers.
That means thousands of small and medium-sized businesses could be impacted, Voccola said in an interview with the Associated Press. Voccola declined to offer details of the breach except to say that it was not phishing and that “the level of sophistication here was extraordinary.”
Cybersecurity experts say the REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack and it was no coincidence that it was launched at the start of the U.S. Independence Day holiday weekend. Many victims may not find out they have been hit until they reopen on July 5 or 6.
The FBI and the U.S. Cybersecurity and Infrastructure Security Agency are investigating and have asked companies to report the incidents but warned that “the scale of this incident may make it so that we are unable to respond to each victim individually.”
President Joe Biden has directed U.S. intelligence agencies to investigate, and Anne Neuberger, White House deputy national-security adviser for cyber and emerging technology, said in a statement that the FBI and the Department of Homeland Security “will reach out to identified victims to provide assistance based upon an assessment of national risk.”
One of the companies affected is the Swedish grocery chain Coop. It was forced to close most of its 800 stores because the attack crippled its cash register software. A Swedish pharmacy chain, gas station chain, the state railway, and public broadcaster SVT were also hit.
In the case of Coop, it was impacted because its IT subcontractor is linked to Kaseya.
Germany’s federal cybersecurity watchdog said an unidentified IT service provider that looks after several thousand customers had been hit. Two big Dutch IT services companies also were among the targets.
Ransomware attacks are carried out by hackers who break into networks and spread malicious computer code used to encrypt a victim’s digital data. The data are unusable until the targeted company pays the ransom.
A post on Happy Blog, a site on the dark web previously associated with REvil, claimed responsibility for the attack and said it had infected “more than a million systems,” a claim that couldn’t be verified.
The hackers said they would release a decryption to allow companies to recover from the attack only if they were given $70 million in Bitcoin.
The FBI believes that REvil was behind a ransomware attack in May on meat-processing giant JBS. The Brazil-based company ended up paying $11 million in Bitcoin to the hackers.
Another high-profile ransomware attack in May targeted Colonial Pipeline, which temporarily closed the largest U.S. gas pipeline. U.S. law enforcement authorities said they recovered most of the ransom paid to another criminal group, DarkSide, in the pipeline case.
In June, Biden pressed Russian President Vladimir Putin during their summit in Geneva about ransomware gangs allegedly operating with impunity in Russia. Biden said he also told Putin that the United States would respond if an investigation determines that the Russian government is behind an attack.
Azerbaijan releases a video of a mud volcano in activity, hours after images spread on social media showing a large fire erupting on the Caspian sea. According to Baku, the volcano does not pose a threat to offshore oil and gas infrastructure and other facilities, as well as human life.
Subscribe to AFP and activate your notifications to get the latest news 🔔
http://www.youtube.com/channel/UC86dbj-lbDks_hZ5gRKL49Q/?sub_confirmation=1
President Joe Biden spoke on the progress the country has made against Covid-19 during a 4th of July celebration at the White House.
» Subscribe to MSNBC: http://on.msnbc.com/SubscribeTomsnbc
MSNBC delivers breaking news, in-depth analysis of politics headlines, as well as commentary and informed perspectives. Find video clips and segments from The Rachel Maddow Show, Morning Joe, Meet the Press Daily, The Beat with Ari Melber, Deadline: White House with Nicolle Wallace, The ReidOut, All In, Last Word, 11th Hour, and more.
Connect with MSNBC Online
Visit msnbc.com: http://on.msnbc.com/Readmsnbc
Subscribe to MSNBC Newsletter: http://http://MSNBC.com/NewslettersYouTube
Find MSNBC on Facebook: http://on.msnbc.com/Likemsnbc
Follow MSNBC on Twitter: http://on.msnbc.com/Followmsnbc
Follow MSNBC on Instagram: http://on.msnbc.com/Instamsnbc
#Biden #Coronavirus #July4th
- 73 Percent of Americans Not Getting Vaccinated Say Risk of the Delta Variant Exaggerated Newsweek
- Fewer than half of US states have reached the White House's July 4th vaccine goal as the Delta variant threatens the nation's progress CNN
- Delta variant is California’s most dominant coronavirus strain Los Angeles Times
- Holiday travel to hit pandemic-era record as the nation inches toward normalcy News 19 WLTX
- Covid: Fauci Says He’d Wear a Mask in Places With Low Vaccination Rates The New York Times
- View Full Coverage on Google News
Comments
Post a Comment