Poor Kevin Collier – NBC News
Collection pirates Who claims to be behind A wave of cyber attacks over the weekend July 4th says it has shut down more than 1 million devices and demands $70 million Bitcoin to release them.
REvil, a criminal group with Russian connections, is He became famous for hacking the American company JBS at the beginning of last month, one of the world’s largest meat suppliers, has halted operations across most of North America for a few hours.
But the potential scale of this new attack is unprecedented, according to some cybersecurity experts.
Revel He started his attack on Friday Bargaining to run a cassette company software This helps companies manage their software updates.
Since many of its customers are companies that run Internet services for other companies, the number of victims has been rapidly increasing.
Rather than locking down single structured systems, as is often the case in cData theft cyber attacks (in English, ransomware), this time REvil Block hundreds of computers and servers By an action automatically posted across .’s customer network Cassed.
On Sunday, President Joe Biden noted that he had “dedicated all resources” of the federal government to the investigation into the attack.
Swedish supermarket chain Coop is by far the biggest known victim of the cyber attack, which forced it to close most of its 800 stores on Saturday.
Their online cash registers are monitored by Visma Esscom, one of Kaseya’s clients, and thus have been blocked and rendered useless.
The number of operating systems affected is still unknown, although it is expected to be a large number. Cybersecurity firm Huntress, which is helping Kaseya manage this crisis, understands that more than 1,000 companies are currently out of business.
Experts haven’t been able to confirm that more than a million devices have been compromised, REvil reported, given that few victims are public speaking, but it’s a reasonable number, according to Maiko Hypponen, a researcher at cybersecurity firm F-Secure. .
Hypponen explained, “Think of a chain store, every payment system is an endpoint. Every computer, every sales person has a system, multiple servers. [En] 200 stores [o] 300 stores, they alone will have thousands of endpoints. And if 1,000 companies like Coop are infected, yes, there will be a million “affected” endpoints.
Regardless of the actual number of affected, it is very difficult to imagine that they jointly pay the $70 million in ransom demanded, said Alan Liska, an analyst at cybersecurity firm Recorded Future.
“Despite the ranting at their remark, I think it’s actually a sign that they’re overwhelmed,” Liska said.
He said that if each victim paid $45 million as the criminals initially requested, that would mean a benefit of $45 billion. Liska. “So, they are going down [el rescate] 70 million dollars.