VIDEOThe suspected perpetrators behind last weekend’s massive cyber attack have demanded a ransom of $70 million in bitcoin to release the data of all the affected companies at once. The perpetrators make this known on their blog.
5 Jul. 2021
“If anyone wants to negotiate a universal decryption key – our price is $70 million in bitcoin, then we will publicly post a key that will decrypt all victims’ documents so that everyone can be recovered from the attack within an hour,” the statement said. hackers know in a blog post on the dark web.
Cyber specialists tell Reuters news agency that they suspect that the hackers have lost control of the hack and hope to quickly resolve the situation with this one-off amount. “They have taken a little too much on their fork.”
This weekend, thousands of companies in at least 17 countries were hit by a massive hacking attack. It is the biggest attack ever. Systems were locked down by the Russia-linked hacking group REvil. In Sweden, for example, this resulted in supermarket chain Coop having to temporarily close almost all 800 stores in the country. In the Netherlands, the Udenhout technical service provider Hoppenbrouwers is one of the victims.
The company of Henny de Haas was also a victim of the attack, but in the end it came out relatively well. Watch an interview with De Haas below.
Many small businesses suffer
The ransomware was distributed via so-called VSA software from the American software supplier Kaseya. VSA is widely used by IT service providers, who use this program to remotely maintain and manage their customers’ systems. Kaseya has about 37,000 customers. The company estimates that about 50 to 60 percent of those are infected by the ransomware. Small businesses such as dental practices and libraries are particularly affected, Kaseya suspects.
Hacking group REvil is also said to be behind last month’s hack at the American meat processing company JBS, which shut down a significant part of the American meat processing industry. The company paid a ransom of $11 million after the cyber attack.
‘Wake up call’
“This is a wake-up call,” cyber expert Dave Maasland said of the hack this weekend Eindhovens Dagblad: ,,Rutte has to talk about this at the highest level. In the Netherlands in particular, we are extremely digitized. What if a telecom provider is hit next time? It is important that citizens also know: this is not something that only happens digitally in the cyber world. This can affect anyone.”
President Biden said yesterday that he would take action against Russia if it appears that the Russian government has anything to do with the hack. During their meeting in Geneva last month, Biden urged Putin to take action against the hacker collectives operating in his country. Biden added that possible retaliatory hacks are not out of the question.
Incidentally, a group of Dutch volunteer cyber experts knew about the mega hack almost avoidable. A few weeks ago, Wietse Boonstra of the Dutch Institute for Vulnerability Disclosure (DIVD) came across a dangerous flaw in Kaseya’s software. It turned out to be possible with a simple action to place files on the servers of companies that used Kaseya’s services, explains Gevers. “As if there was a string hanging from the letterbox to open the door.”
The DIVD immediately alerted Kaseya. The Americans, together with the Dutch, went to great lengths to get the security back in order. The solution turned out not to be simple, we worked hard for weeks, says Gevers. “The company did everything it could. It hired 500 people and even bought an additional IT security company.” Kaseya had just closed the security hole to himself when the painful news broke through Friday night: Russian ransomware group REvil had also found the leak and struck.
Watch our tech videos here:
Free unlimited access to Showbytes? Which can!
Log in or create an account and never miss a thing from the stars.