By Dan Sholler
As U.S. national security officials and much of the cybersecurity community race to mitigate the fallout from the Kaseya incident, we’re served yet another reminder of how groups of scammers are making millions of dollars after years of honing their tradecraft. An estimate by IBM placed REvil’s 2020 profits at $123 million, first among ransomware gangs, while multiple firms said the gang’s malware was the most common digital extortion tool.
Note: In a recent development, a cybercriminal associated with the REvil Ransomware gang has been arrested, another one has been indicted, and over $6 million in assets have been seized.
A ransomware attack paralyzed the networks of at least 200 U.S. companies in July 2021. The REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack. Criminals targeted a software supplier called Kaseya, using its network-management package as a conduit to spread the ransomware through cloud-service providers.
What You Need to Know
- The U.S. government will begin offering up to $10 million for information to identify or locate threat actors working on behalf of foreign governments that are trying to cripple the internet operations of American businesses and infrastructure. The new reward was announced as the U.S. faces a growing threat from ransomware attacks.
- The REvil ransomware gang, implicated in the high-profile attacks on JBS and Kaseya, seems to have disappeared. Cybersecurity researchers report that the entirety of the group’s infrastructure, from extortion pages to servers, has gone offline. The group has even closed the pages advertising its services on the dark web, where no trace of it can now be found.
- This attack shows that no matter the size or industry of your organization, it is vital to understand the critical updates you need to make today in your Incident Response Plan to ensure you mitigate risk and optimize your response process for ransomware incidents.
Expert Analysis by Daniel Sholler, Exterro Data Privacy
Risks related to data are growing, both from cyber attacks such as this one and from increased regulatory scrutiny and subsequent litigation risk. Organizations must minimize these risks by retaining only the data they need and by responding to security incidents quickly and effectively.
Data Privacy Tip
Today’s incident landscape is unprecedented and complex. Ransomware is now one of the biggest threats to businesses around the world. Learn how to navigate a ransomware incident and incorporate it into your corporate incident response playbook, using technology to optimize it.
Learn how in Exterro's Basics of Data Privacy chapter on Cyber incidents and data breach management.