The Revil ransomware gang that hit IT software provider Kasia VSA with a crippling supply chain ransomware attack on Friday, July 2, has now published a blanket ransom demand on its dark Web site, the infamous Happy Blog. According to the Post, the Reville gang, also known as Sodinokibi, has asked to pay $70 million, or about Rs 520 crore, for claiming to have “over a million systems”. The ransom demands came two days after news of the attack initially suspected to have affected at least a few hundred small and medium-sized companies as a result of the attack. Companies were largely using outsourced IT services from managed service providers (MSPs), who in turn were using software provided by Kasia VSAs.
Revil Gang’s post read, “On Friday (02.07.021) we attacked MSP providers. More than a million systems were infected. If anyone wants to talk about Universal Decryptor – we are worth $70,000,000 in BTC and we will publicly publish the decryptor which decrypts all the victims’ files, so everyone can recover from the attack in less than an hour would be able. If you are interested in this kind of deal – contact us using the victim “readme” file instructions. (sic)”
Read more: The Devastating Revil Ransomware Attack Is Potentially One of the Biggest Hacks Ever
The ransom demand is the largest known in public memory, and if paid, will be the largest ransom ever paid for a cyberattack. Kasia ransomware attack is also one of the biggest ever Known Cyber Attacks To date, and the sheer scale of it is alarming in terms of the sophistication, scale and total cost of the attack, which could involve companies getting back on their feet and working around their encrypted data – even if the ransom demanded is payment has not been made. Initial reports had found that the Revil gang was seeking around $5 million (about Rs 37 crore) from large MSPs affected by the ransomware attack, and as little as $45,000 (about Rs 33.5 lakh) from smaller companies. An attack resulting from being one of the clients of Kasia or the linked MSP.
Ross McCurcher, VP and CISO at Sophos, explained the extent of the Kasia Reville ransomware attack, saying, “Our evidence shows that more than 70 managed service providers were affected, resulting in over 350 organizations affected. . . that the scope of victim organizations would be greater than any personal protection company is being reported. Victims are spread in many places around the world, most of them in the United States, Germany and Canada, and others in Australia, the UK and others areas.”
While it remains to be seen what resolution has been sought in the light of the Reville attack, the situation is grim at the moment. The United States Federal Bureau of Investigation (FBI), as well as several other cybersecurity companies, are currently investigating the attack, and a report in the Associated Press states that US President Joe Biden has used the full resources of the US government. has directed. in the investigation of the attack. The move comes after the US mounted mounting pressure on Russia to crack down on ransomware gangs, many of which have so far been alleged to be based in Russia. It is not yet clear whether a state-backed motive could also be part of the Kasia ransomware attack, although the indications do not directly suggest so.
Ransomware payments are known to be the driving force behind more direct, more ransomware attacks, and on this front, many cybersecurity advocates called for better regulation and greater involvement of central government resources to tackle the growing volume of ransomware attacks. is. world. Kasia ransomware attack is also a global one, and is not limited to USA or other specific countries only. With ransom demands out in the open, it remains to be seen how the case proceeds at this point in time.
The Reville Gang had previously published this blanket ransom demand through their blog, claiming that the ransom amount would increase over time if their demands were not met.
read all Breaking Newshandjob today’s fresh news and coronavirus news Here
.