.png){kind=logo}
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
- Insights
- Cryptocurrencies
- Stocks
- White Papers
- Industry
- Geography
The latest mass ransomware attack has claimed US$70 million from 1,500 companies across the world. Investigators believe that a Russian-based cybercriminal group, known as REvil, has started a string of ransomware attacks to create a massive impact on businesses worldwide. The huge demand for US$70 million was posted on one of the dark websites by the Russian-linked gang, REvil. REVil is known as one of the most popular and prolific extortionists from the dark web.
REvil is known for its ransomware attacks all over the world with demands ranging from US$45,000 to US$5 million from companies for the decryptor key to unlock scrambled networks. It provides ransomware-as-a-service which means REvil develops the network-paralyzing software to compromise the systems of victims and earn millions of dollars of ransoms in the process. The Russian gang consists of an affiliate structure that makes it very difficult for investigators on determining the leader of the cyberattack.
REvil, is said to have broken into a Miami-based IT firm known as Kaseya for a data breach and this ransomware set off a long chain reaction that paralyzed several hundreds of companies across the world rapidly. The gang demanded US$70 million to restore all confidential data within a short period of time. Sweden had to close down its 800 Coop supermarkets due to the inoperative cash machines while the schools and kindergartens of New Zealand got affected. Multiple state railways, schools, travel companies, credit unions, and pharmacy chains also were affected by this ransomware attack. Reuters logged in to the payment portal and had a chat with an operator who mentioned that the price is still US$70 million. REvil selected the long US weekend to take time and spread across businesses over five continents without the presence of any employee.
The FBI is involved in the full-fledged investigation of the horrific cyberattack with the Cybersecurity and Infrastructure Security Agency as well as other US federal agencies. The US President, Joe Biden, has ordered to seek the source of whether the cyberattack has taken place from Russia. The UN Security Council has also held its first formal public meeting on cybersecurity concerns.
