A gang of suspected Russian hackers calling themselves REvil is demanding $70 million in Bitcoin from cyberhacking victims, after conducting one of the largest ever acts of ransomware attacks in history.
The attack follows the high-profile ransomware attack on Colonial Pipeline, which is primarily responsible for the transportation of gas on the east coast.
The gang is demanding that victims pay up in exchange for a decryption tool that will enable them to regain access to their systems.
According to Radio Free Europe, security experts are continuing to assess the extent of the damage, which is believed to affect thousands of victims in at least 17 countries after the hackers attacked U.S.-based firm Kaseya, which provides IT services to around 40,000 businesses worldwide.
Kaseya CEO Fred Voccola says that only around 50 to 60 of the company’s customers were directly compromised, but 70 per cent of the affected customers were so-called “managed service providers” that used Kaseya’s software, which was compromised, to manage multiple customers.
Speaking to the Associated Press, Voccola said that this means that potentially thousands of small and medium-sized businesses could be impacted by the ransomware. He declined to offer details of the breach except to say the company was not the victim of “phishing” and that “the level of sophistication here was extraordinary.”
“Phishing” is when a victim opens a seemingly legitimate email and clicks on a link to a website that installs intrusive software onto the victim’s computer, providing unfettered access to the system and its network.
According to cybersecurity experts, many of the companies affected by the hack may not even know they’ve been impacted by the attack until they reopen this week following the 4th of July long weekend. Experts say that the attack was intentionally launched at the start of the holiday weekend to catch systems administrators off guard.
The FBI and the U.S. Cybersecurity and Infrastructure Agency are currently investigating the hack and asked companies to report any incidents to them, but warned that the scale of the attack may make it difficult for the government agencies to respond to every individual victim.
In a statement, Anne Neuberger, the White House deputy national security advisor for cyber and emerging technology, said that the FBI and the DHS “will reach out to victims to provide assistance based upon an assessment of national risk.”