The president of the United States, Joe Biden, ordered to open a federal investigation to find those responsible for a ransomware attack that the technology company Kaseya suffered on July 2. Two days later, on Sunday, July 4, the REvil group claimed responsibility for the attack and asked for USD 70 million in bitcoin (BTC) to release the stolen information.
According to what was reported by the company itself company on its website, an “exceptionally sophisticated” hack affected Kaseya, a Miami-based company that provides IT consulting to more than 200 companies in the United States and other countries .
The security company Huntress reported in a statement on its website that they are tracking the trail of eight providers of this service that were infected. The act would have been committed by REvil, an organization that claimed responsibility for the attack on its page on the dark web and asked for a millionaire figure in bitcoin. They demand a ransom of USD 70 million, which is currently equivalent to 2,082.34 BTC approximately, according to data from CoinGecko.
Regarding the Technical issues, the attack took place on the VSA tool, used mainly by firms that have several branches to manage their data. Criminals encrypted customer information and now request a ransom to decrypt it.
Kaseya’s statement details that “unfortunately, Kaseya’s VSA product has been the victim of a sophisticated cyberattack. Thanks to the quick response of our team, we believe this has been limited to a very small number of customers. ” In addition, the firm assured that its experts would continue working on the subject during the weekend, and a report with updates on the subject is expected for the day of July 5.
Ransomware attacks, targeted by the United States Government
The order to use federal forces was issued by the US president and communicated in a public appearance on the same day that the criminal act, as reported by The Block . Such a level of alert is due to the fact that, as CriptoNoticias reported in early June, the United States government decided to give ransomware attacks a priority similar to that of terrorist activities, in order to have more resources when combating possible threats to entities.
Regarding the alleged perpetrators of the crime, Biden said at that time – before REvil claimed responsibility for the attack on Sunday – that “the initial theory is that it was not the government of Russia, but we are not sure yet. This statement by Biden has to do with the fact that the REvil group is believed to have ties to Russia.
This new rating for ransomware hacks followed a major attack on a US oil pipeline, which It left a large part of the country’s southeastern coast without fuel supply for several days. Finally, that episode ended with a 75 BTC reward payment for the hijacked information. Although the country’s federal forces claim to have recovered the amount paid, those responsible for the attack claim to have withdrawn a large part of the funds before the seizure.
