Hacking Group Behind Kaseya Ransomware Attack Posts Staggering Ransom Demand
On July 4th, we reported that the developing Kaseya ransomware incident might be much worse than initially thought. While it is still unclear exactly how many victims and encrypted devices there are, it was apparent that this is certainly a wide-reaching international incident. We also noted that REvil, the Russian-backed hacking group, had not mentioned the situation on its blog, until now.
Late in the evening on July 4th, REvil made a blog post about its Kaseya attack after much speculation. The group explained that the attack launched on July 2nd has since encrypted “more than a million systems.” However, it seems that this ransomware event is being treated differently than most, as the group is selling a “universal decryptor” for all victims rather than demanding money from each organization it may have infiltrated. Astoundingly, the starting price for this universal tool is a whopping $70,000,000 in Bitcoin, or approximately 2049 coins at current market valuation.
Hopefully, it will not be long we will know more about this attack and its mitigations, outside of paying the ransom for companies who did not have proper backups and security. Furthermore, this proves as a harsh reminder that security incidents can happen to any person, company or organization, regardless of size; and thus, investment in cybersecurity is now essential more than ever.