Information Technology (IT) systems of several thousands of companies have been affected by a global ransomware attack by REvil. Firms from at least 17 countries across the world, small and big, have been affected by the biggest ransomware to date. It is said that the hack originated from Russian backed hackers on Friday, and they are demanding a ransom of $70 million in crypto currency — Bitcoin.
The hackers infiltrated VSA, a Kaseya software that manages several large networks. Fred Voccola, CEO of U.S. based Kaseya posted on Monday that the IT firm had been hacked. He said that about 60 clients had been affected by the ransomware. However, these companies provided IT support to several other companies which provided a domino effect. In technical terms, this attack is technically called a “supply chain” attack.
REvil hackers brought together a supply chain attack with a ransomware attack which exploited the company’s IT systems. The hackers will provide a universal decryptor software key which could unscramble all the networks after the ransom is paid.
Some of the larger companies around the world who have been affected include
- Swedish Coop grocery chain
- Swedish company Visma Esscom
- VelzArt — a Dutch IT company
- Hoppenbrouwer Techniek — a Dutch It company
Thousands and thousands of unnamed small and medium companies have also been affected in Germany, the U.K., New Zealand and the U.S.
The level of the attack has been much wider and more sophisticated than anticipated. Cyber experts say that a single ransom demand of $70 million has been made by the hackers as they themselves will find it difficult to manage it as it became a larger than anticipated attack. It has also got much wider attention than what was anticipated by the group.
President Biden has asked the FBI to investigate. He has also warned Russia that action will be taken against the country if it is found to be responsible for the attack.