
Russian hackers lock up 1m devices, demand $70m ransom in Bitcoin

*The Russian group REvil compromised Kaseya Limited, an American software firm, and compelled the company to close over half of its 800 stores while rendering the retailer’s cash registers and self-service checkouts inoperable

*While impacting approximately 50 of Kaseya’s customers, this attack was never a threat nor had any impact to critical infrastructure, says Fred Voccola, the company’s Chief Executive Officer

Gbenga Kayode | ConsumerConnect

As several consumers were celebrating the Fourth of July, which is the American Day of Independence, a ring of transnational hackers was celebrating for an entirely different reason.

ConsumerConnect gathered that the cybercrooks over the holiday weekend locked up more than a million individual computer devices, and were demanding $70 million in Bitcoin as a ransom.


The hackers, identified as the Russian group REvil, had compromised Kaseya Limited, an American software company that develops Information Technology (IT) management software.

The company is headquartered in Miami, Florida, in the United States (US), with branch locations across the US, Europe, and Asia Pacific.

The hackers had also hacked meat supplier JBS, one of the leading global meat producers, earlier this year, an agency report said.

The report indicated that the hack affected many of Kaseya’s clients, including the Swedish grocery store chain Coop.

The incident also forced the chain to close more than half of its 800 stores and rendered the retailer’s cash registers and self-service checkouts inoperable.

It was learnt that, as the hackers up their game, cybersecurity analysts worry that REvil has pushed the limits of hacking further than experts are equipped to handle.

Some of Kaseya’s clients are firms that oversee Internet services for other companies, so REvil was able to snowball the number of victims rapidly.

While many hack attacks try to tie up a single, standalone company, REvil was able to isolate each computer in Kaseya’s list of clients and ransom it separately.

REvil’s initial ransom request was for $45,000 to unlock each individual device.

On its face, Kaseya’s situation sounds dire. However, the company said things were not as bad as they seemed.

Fred Voccola, Chief Executive Officer (CEO) of the company, said: “While impacting approximately 50 of Kaseya’s customers, this attack was never a threat nor had any impact to critical infrastructure.

“Many of Kaseya’s customers are managed service providers, using Kaseya’s technology to manage IT infrastructure for local and small businesses with less than 30 employees, such as dentists’ offices, small accounting offices and local restaurants.”

Voccola said only 800 to 1,500 of Kaseya’s customers were compromised by the hack out of an estimated 800,000 to 1,000,000 local and small businesses it manages.

Nonetheless, Voccola said his company’s global teams were working around the clock to get its customers back up and running.

According to him, “we understand that every second they are shut down, it impacts their livelihood, which is why we’re working feverishly to get this resolved.”

Meanwhile, US President Joe Biden has offered “full resources” to the hacked victims.

Shortly after REvil’s attack was set in motion, the report stated, the US Government stepped in to offer support.

Over the weekend, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) worked with Kaseya to offer some assistance to the victims of the hack.

President Biden said he was offering the “full resources” that he has at his disposal to assist in the response.

As part of the effort, FBI and CISA officials created a detection tool for small businesses that use Kaseya’s platform to analyse their computer systems and determine whether any indicators of a hack are present, the report added.