Hackers demanding $70M to restore data in massive cyberattack: report
Hackers believed to be responsible for a massive worldwide ransomware plot demanded $70 million on Sunday in exchange for the data they are holding hostage.
The demand was posted on a blog usually used by the Russian-linked REvil cybercrime gang, Reuters reports. This group is considered to be among the world’s most ardent extortionists.
The ransomware attack was carried out on Friday, targeting Miami-based technology firm Kaseya. The group used Kaseya’s access to clients as well as some of their clients’ clients to immobilize the computers of hundreds of technology firms worldwide, Reuters noted.
According to Kaseya, less than 60 of its clients were directly affected by the hack. About a dozen countries were affected by the breach, as were institutions such as schools, travel and leisure organizations, credit unions and public-sector bodies.
Though it is often unclear who is speaking on behalf of the organization due to its affiliate structure, cybersecurity expert Allan Liska told Reuters that these demands are “almost certainly” from REvil’s core leadership.
The White House on Sunday said it is reaching out to the victims of the hack, Reuters reported.
Anne Neuberger, White House deputy national security adviser for cyber and emerging technology, said the FBI and Department of Homeland Security’s cyber arm “will reach out to identified victims to provide assistance based upon an assessment of national risk.”
President Biden said he had directed the U.S. intelligence agencies to investigate who was responsible for the attack.
Liska told Reuters that the believed REvil had taken on more than they could handle with this massive hack and the $70 million demand is likely the organization’s attempt at making the best of an awkward situation.
“For all of their big talk on their blog, I think this got way out of hand,” Liska told the news service.