Kaseya hackers demand $70 million in massive ransomware attack
05 July 2021
Russian hackers suspected in this weekend's mass attack on software company Kaseya, which could affect thousands of companies worldwide, demanded $70 million to restore data they are holding for ransom, Reuters reports.
Why it matters: The hack is the latest and most dramatic in a series of high-profile ransomware attacks this year, exposing the pandemic-style threat that this type of cybercrime poses to companies and governments around the world.
Details: Hundreds of companies were directly hit by the supply-chain attack on Kesaya's VSA software, which provides IT services to small and medium-sized businesses, according to CNET. At least 36,000 companies were indirectly impacted.
- The Coop, one of Sweden's largest grocery chains, had to close 800 of its stores, according to the New York Times.
- Kaseya said in a Sunday night update that its executive committee will meet Monday morning "with a goal of starting the restoration process to bring our datacenters online by end of day on July 5," though it cautioned that this timeline could change.
What they're saying: "This is without a doubt going to turn out to be the biggest most destructive ransomware campaign that we’ve seen so far," tweeted Dmitri Alperovitch, co-founder of cybersecurity firm Crowdstrike.
- "Huge number of victims all over the world. Entire networks encrypted. No way to decrypt today without paying millions per network of any significant size."
The latest: The $70 million ransomware demand was posted to a dark-web blog typically used by REvil, the Russia-linked cybercrime gang behind the attack that crippled the U.S. operations of meat processor JBS.
- The White House said in a statement Sunday that President Biden has "directed the full resources of the government to investigate this incident," and urged businesses to adopt recommendations released last month to shore up their cyber defenses.
- The FBI asked businesses to report whether their systems have been compromised, but cautioned that it may not be able to respond to each victim individually "[d]ue to the potential scale of this incident."
Our thought bubble: Coming just two weeks after President Biden's personal warning to Vladimir Putin during the Geneva summit, the attack looks like the Russians thumbing their nose at the tough talk.
- "The initial thinking was it was not the Russian government but we're not sure yet," Biden told reporters on Saturday. "If it is either with the knowledge of and/or a consequence of Russia then I told Putin we will respond."
Go deeper: The ransomware pandemic
Transcripts show George Floyd told police "I can't breathe" over 20 times
Section2Newly released transcripts of bodycam footage from the Minneapolis Police Department show that George Floyd told officers he could not breathe more than 20 times in the moments leading up to his death.
Why it matters: Floyd's killing sparked a national wave of Black Lives Matter protests and an ongoing reckoning over systemic racism in the United States. The transcripts "offer one the most thorough and dramatic accounts" before Floyd's death, The New York Times writes.
The state of play: The transcripts were released as former officer Thomas Lane seeks to have the charges that he aided in Floyd's death thrown out in court, per the Times. He is one of four officers who have been charged.
- The filings also include a 60-page transcript of an interview with Lane. He said he "felt maybe that something was going on" when asked if he believed that Floyd was having a medical emergency at the time.
What the transcripts say:
- Floyd told the officers he was claustrophobic as they tried to get him into the squad car.
- The transcripts also show Floyd saying, "Momma, I love you. Tell my kids I love them. I'm dead."
- Former officer Derek Chauvin, who had his knee on Floyd's neck for over eight minutes, told Floyd, "Then stop talking, stop yelling, it takes a heck of a lot of oxygen to talk."
Read the transcripts via DocumentCloud.