Hackers demand $70M in ransomware attack: Motivations could be political, says expert

by ELISSA SALAMY, The National Desk

Tue, July 6th 2021, 1:15 PM UTC

FILE - This Feb 23, 2019, file photo shows the inside of a computer in Jersey City, N.J. Cybersecurity teams worked feverishly Sunday, July 4, 2021, to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit. An affiliate of the notorious REvil gang, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said. (AP Photo/Jenny Kane, File)

WASHINGTON (SBG) - Hundreds of companies are scrambling after what is being deemed the biggest global ransomware attack on record. The Russia-linked group known as REvil is offering a universal decrypter software key to fix the hack in exchange for $70 million in cryptocurrency.

“Kaseya is a Florida-based software management company, which supplies IT remote software management to manage service providers, all over the world. They then give those updates to their clients, which range from grocery stores to financial institutions to dental offices to travel companies and also public agencies,” said attorney and cybersecurity expert Leeza Garber to The National Desk’s Scott Thuman. “This impact was all over the world, every continent, and all different types of businesses.”

REvil is based in Russia and was the same group responsible for the attack on meat processor JBS at the end of May.

“This is a money-making machine. Ransomware as a service is very valuable, they're able to ask for ransoms in the range from a couple thousand dollars to a couple million dollars,” said Garber. “In this case, they are asking every business involved for different amounts of money. As you mentioned, they also are offering an option for $70 million for a universal decrypter key.

According to Garber, the controversy is also political.

“Russia is harboring these ransomware criminal syndicates and essentially allowing them to operate without any penalty. So really the motivations could stem from money-making, but also political activity as well,” said Garber.

With an increase in the number of ransomware attacks we’ve seen in the last few months, are our cybersecurity systems vulnerable to cyber threats?

“Ransomware has been one of the hottest types of cyber attacks for the past couple of years, it's just been growing exponentially,” said Garber. “It's a problem of cybersecurity not being taken seriously enough but in the end, this attack really opens our eyes to how sophisticated these criminal syndicate groups are.”

President Joe Biden is facing pressure to stop cyberattacks from occurring. Last month, Biden pressed Russian President Vladimir Putin to stop giving safe haven to ransomware groups. But is there anything that the U.S. can do to prevent future attacks?

JOIN THE CONVERSATION (

)

“Part of this is the United States being proactive about cybersecurity, which certainly Biden's proposed infrastructure bill does with millions of dollars being proposed,” said Garber. “We really need the international community to come together and deal with the reckoning of these kinds of cyberattacks.”

Loading ...