A group of hackers behind one of the largest ransomware attacks in history, known as REvil, has demanded a ransom of $70m to be paid via the Bitcoin cryptocurrency after successfully breaching a network of over one million systems.
An Attack On Up To 1,500 Businesses
The REvil hack is estimated to have affected anywhere between 800 and 1,500 businesses, confirming its place as one of the largest-scale operations of its kind. The list of firms includes organizations from around the world, from Sweden to New Zealand, as well as companies from various sectors. However, it started with a breach of Florida-based IT outsourcing firm Kaseya.
Kaseya CEO Fred Voccola has been coy on whether or not the company will consider meeting those demands for a Bitcoin payout. The decentralized cryptocurrency has been a catalyst for a huge spike in cybercriminal activity and would provide untraceable anonymity for the hacker group, although it is accepted that the promise to restore all affected data.
Cyber defenders from both the public and private realms have joined forces to alert victims, localize the damage, and help fight back against the ransomware attack. Nonetheless, with the damage spread across such a huge network of systems, restoring all facilities without paying a ransom feels fanciful at best.
While the group of hackers has expressed a willingness to negotiate on the price, its demands underline the severity of the breach. Kyle Hanslovan, CEO of cybersecurity company Huntress, suggested that a $40m – $50m ransom would likely be enough to reach an agreement. With BTC’s price fluctuating greatly as the crypto sector is in a dip, any exact agreement is tough to predict even for the experts.
Nonetheless, the attack has hit a huge network of systems due largely to the nature of Kaseya. While the company itself saw fewer than 50 clients attacked, the secondary attack filtering through the network allowed it to spread at a rate that is, ironically, close to that of Covid.
A Wake-Up Call For Businesses
The colossal ransomware attack has created a nightmare for the companies affected, even if many report that only a small percentage of end-users and clients have been compromised. However, it also serves as a major wake-up call for companies around the globe irrespective of their size or background.
If an IT firm like Kaseya can have vulnerabilities within its systems, SMEs and companies from non-tech sectors must accept that they are at risk too. Even if they escaped the damage of this attack, the fact that malware and ransomware have grown by over 300% and 400% respectively since the start of the pandemic cannot be ignored.
Now more than ever, businesses should upgrade in-house departments or partner with a successful IT company to stay on top of the latest threats. From preventative tools and staff training to identification and response protocols, those steps will protect sensitive data, digital assets, and more.
With the world now entering the new norm, delaying the necessary upgrades is simply not an option.