Major Ransomware Targets Countless Businesses On Fourth of July
A major ransomware attack took place just before the fourth of July, infecting American IT firm Kaseya. The company is responsible for providing software used to manage business networks and devices for many small companies, effectively infecting more than 1000 businesses. This was due to a vulnerability in the VSA, the software used by companies that manage technology at smaller businesses. The group behind this attack is REvil, a Russia-based criminal organization.
Experts suggest that it was likely an affiliate group using the ransomware made by the criminal organization. It’s not the first time REvil has launched a cyber attack just before a holiday. Previously, they have also attacked the global meat-processor, JBS on Memorial Day. They knew that security would be lax around the national holiday, and many offices won’t open till Monday. By then, the ransomware would have infected most of the systems.
United States’s Response to the attack
This attack has now infected countless businesses across 17 nations. This all comes less than a month after U.S. President Joe Biden pressed Russian President Vladimir Putin to stop providing a haven to REvil and other ransomware groups.
Biden also suggested that the U.S. would respond if it were determined that the Russian government is involved. The Federal Bureau of Investigation (FBI) is currently investigating the attack and is trying to confirm whether the ransomware attack had come from Russia.
How do these Ransomware work?
Attacks like these usually target the victim’s financial records and insurance policies. They steal this data and threaten to delete it unless the ransom is paid. In most cases, victims don’t even reveal if they have paid the ransom. For those who do, a decoder key is given to them to stop the data scrambler malware.
The affected companies were mostly small in the financial services, travel, leisure, and the public sector. The total ransom demanded from these companies, in this case, is close to $5 million. For some companies, the minimum ransom amount is $45,000.