Graphic shows recent ransomware attacks.
GN41561EN

CRIME

Recent ransomware attacks

By Duncan Mil

July 6, 2021 - Ransomware gang REvil has demanded that software provider Kaseya pay $70 million in bitcoin to release information locked in a hack on between 800 and 1,500 businesses worldwide.

Ransomware is malicious code that uses encryption to perpetually block an organization’s critical data in the hope of extorting a hefty ransom. A growing preference for “double-extortion” attacks sees hackers downloading data before encryption then threatening the victim with public exposure of their stolen data.

Florida-based Kaseya is a company that provides software tools to Managed Service Providers (MSPs). MSPs are information technology companies that handle networks for companies too small or modestly resourced to have tech departments.

One of those tools was used on Friday (July 2) by Russian-based REvil, also known as Sodinokibi, allowing hackers to paralyze hundreds of businesses globally. Although most of those affected have been small companies, the disruption hit Sweden, where supermarket chain Coop shuttered almost 800 stores on Friday.

The Kaseya hack is the latest in a wave of ransomware attacks on U.S. companies. Last month, meat-processing giant JBS paid $11 million to REvil. In May, Colonial Pipeline paid a $4.4 million demand by DarkSide -- another Russian group.

Ransomware attacks have caused alarm at the highest levels of government. In a June 16 meeting with Russian President Vladimir Putin, President Joe Biden called for a crackdown on Russian cyberattacks.

Sources
PUBLISHED: 06/07/2021; STORY: Graphic News; PICTURES: Associated Press
Advertisement