Jüngste Ransomware Angriffe
July 6, 2021 -
Die Ransomware Bande REvil hat vom Software Lieferanten Kaseya die Zahlung von $70 Millionen verlangt, um Informationen aus einem Hack von rund 800 bis 1.500 Firmen weltweit freizugeben.
Ransomware is malicious code that uses encryption to perpetually block an organization’s critical data in the hope of extorting a hefty ransom. A growing preference for “double-extortion” attacks sees hackers downloading data before encryption then threatening the victim with public exposure of their stolen data.
Florida-based Kaseya is a company that provides software tools to Managed Service Providers (MSPs). MSPs are information technology companies that handle networks for companies too small or modestly resourced to have tech departments.
One of those tools was used on Friday (July 2) by Russian-based REvil, also known as Sodinokibi, allowing hackers to paralyze hundreds of businesses globally. Although most of those affected have been small companies, the disruption hit Sweden, where supermarket chain Coop shuttered almost 800 stores on Friday.
The Kaseya hack is the latest in a wave of ransomware attacks on U.S. companies. Last month, meat-processing giant JBS paid $11 million to REvil. In May, Colonial Pipeline paid a $4.4 million demand by DarkSide -- another Russian group.
Ransomware attacks have caused alarm at the highest levels of government. In a June 16 meeting with Russian President Vladimir Putin, President Joe Biden called for a crackdown on Russian cyberattacks.
- Up to 1,500 businesses affected by ransomware attack, U.S. firm's CEO says (Reuters)
- Apple Targeted in $50 Million Ransomware Hack of Supplier Quanta (Bloomberg)
- $2.3 Million in Cryptocurrency seized (Department of Justice)
- Computer giant Acer hit by $50 million ransomware attack (Bleeping Computer)