The group behind the recent Kaseya cyber attack is asking for a $70M ransom in Bitcoin for a ‘universal decryptor’ key
The Russian hacking group REvil has published a blog post on the dark web taking credit for the audacious cyber attack on MSP providers in the US which they claim affected over a million systems.
They also called on ‘anyone willing to negotiate’ for a ‘universal decryptor’, offering to list the key publicly if someone pays the ransom.
“Everyone will be able to recover from the attack in less than an hour,” the post read.
Will the companies pay the ransom?
The general advice from cyber-security experts is to not pay hackers to retrieve their data, because it encourages future attacks.
However, John Hammond from Huntress Labs doesn’t believe the situation is so simple. The cybersecurity firm Huntress Labs Inc is leading the investigation into the attack.
“This is an extremely intricate and tough situation,” he said in a private Twitter message to Ticker reporters.
“You have to make the decision that is best for your business,” he said.
The Kaseya cyber attack
The attack targeted more than 20 managed service providers (MSP). Yesterday, Huntress Labs anticipated the hack had affected more than 1000 businesses, which expectations that the figure would grow based on reports from the providers and a Reddit thread tracking the hack.
“It’s reasonable to think this could potentially be impacting thousands of small businesses,” tweeted John Hammond from Huntress Labs. Hammond says the attack targeted a software supplier called Kaseya.
Biden has sinced called for US intelligence to conduct a “deep dive” into the attacks. “We’re not sure it’s the Russians,” he said. “The initial thinking was, it was not the Russian government, but we’re not sure yet.”
Sweden closes up shop
Another victim of the attack is Sweden, which has seen around 500 supermarkets unable to trade.
Coop Sweden has closed half of its 800 stores after its point-of-sale tills and self-service checkouts stopped working just before the weekend.
The supermarket itself was not targeted by hackers. However, because it uses on of the affected MSPs it too has fallen victim to the attack.
Cybersecurity becomes and international security issue
This comes as the latest in a string of ransomware attacks in recent months, including the attack on JBS. Experts have also attributed the JBS attack to the REvil cyber gang.
Natasha is an Associate Producer at ticker NEWS with a Bachelor of arts from Monash University. She has previously worked at Sky News Australia and Monash University as an Online Content Producer.
The ‘gloom to soon’ signal points to shares and property gains
Money Minute features finance expert Dr. Steve Enticott from CIA Tax, guiding audiences through practical advice and innovative strategies for financial freedom.
Why the contraction phase calls for cash-focused strategies
Money Minute features finance expert Dr. Steve Enticott from CIA Tax, guiding audiences through practical advice and innovative strategies for financial freedom.
How to spot overheating markets and safeguard your investments
Money Minute features finance expert Dr. Steve Enticott from CIA Tax, guiding audiences through practical advice and innovative strategies for financial freedom.