Within the space of two months, three major ransomware attacks have occurred in the US. The victims in the latest attack are about 200 US companies. These companies had their networks taken down in a coordinated attack by a Moscow-based hacking group called REvil. REvil is now demanding $70 million in Bitcoin before the attack can be reversed.
According to reports, the coordinated attack was deployed against software company Kaseya, whose cloud services the group used to distribute the ransomware to the networks of the unidentified 200 US firms. Reports indicate that several other firms and stores across the continents were affected. Coop, a reputable Swedish store, had its IT payment systems taken down by the attack and had to shut down operations until the issue is resolved. It is not known whether the $70 million payment in BTC will be made to reverse the attack.
Ransomware Attack on July 4
The ransomware attack took place over the July 4 Independence holidays because the group didn’t want the ransomware to be detected and forestalled. The attackers also posted a notice on a Dark Web site, HappyBlog, and demanded the $70 million BTC payment before a decrypter could be released to restore system functions to normal. REvil’s ransomware attack scrambled the companies' data files and caused their systems to shut down. A railway service was also a victim of the attack.
The July 4 ransomware incident is not the only cyber-crime attack that has happened in a short period. In May, a different group attacked a gas conglomerate in the US. Colonial Pipeline's systems were taken down by the hackers, causing a shortage of gas in the United States.
Similar Ransomware Attacks Happened in May
Darkside, a group with affiliations to REvil, was responsible for the attack and directed the gas company to pay the sum of $5 million. Although the US company claimed it did not pay any ransom, the requested amount in crypto was paid. On that basis, the CEO of Colonial Pipeline will appear before the US Congress to explain why the amount was paid. During the incident, President Joe Biden warned the US gas firm not to gouge gas prices.
Another attack occurred on May 14 against the leading global meat company JBS Holdings, which was then compelled to pay $11 million to restore its system operations. In the two previous attacks, the group requested payments in cryptocurrency, particularly Bitcoin. President Joe Biden has condemned the attack and sworn to take retaliatory action against the hackers.
Even though both groups are Russia-based, an FBI report has absolved the Russian government of responsibility for the attacks. However, Biden, in a meeting with Vladimir Putin this year, had submitted a report on areas on American soil that Russia should not encroach on, alongside a threat if anything happened otherwise. Some US citizens have described Biden as weak against Putin. The crypto payments make these groups of hackers untraceable, thereby confirming concerns about cryptocurrencies being used for illegal activities.