Revil Ransomware Attack On Kaseya Demands Over Rs. 500 Crores: What Makes It So Deadly?

Ransomware attacks on cyber firms have been a growing concern and new cyberattacks just add to the worry. The latest attack sweeping the headlines is the Kaseya ransomware attack. Carried out by the REvil group, this cyberattack on the IT software provider crippled the supply chain affecting the services of more than 1,000 companies.

But, the attack alone is not getting all the attention rather the massive $70 million (Rs. 520 crores) ransomware amount is. So what exactly is the case and how is this ransomware different from others? Here's all you need to know:

Kaseya Ransomware Attack: What Makes It So Deadly?

The Kaseya VSA ransomware attack carried out by the Russia-linked REvil group is possibly one of the largest hacks on any IT firm in recent years. The cyberattack came to light on July 2, following which the REvil group took to the dark web to demand a $70 million payout.

The reason this attack is being the centre of all attraction is due to its effects on at least a few hundred small and medium-sized firms. The REvil gang confirmed its attack via a post stating more than a million systems has been attacked and the negotiation price would be $70 million BTC.

The statement read, On Friday (02.07.2021) we launched an attack on MSP providers. More than a million systems were infected. If anyone wants to negotiate about a universal decryptor - our price is $70,000,000 in BTC and we will publish publicly decryptor that decrypts files of all victims, so everyone will be able to recover from the attack in less than an hour. If you are interested in such a deal - contact us using victims "readme" file instructions. (sic)".

The large sum payout is what differentiates this attack from others. REvil has been one of the notorious ransomware attack groups but has never demanded this huge amount from a firm. Besides, the large number of associated organizations with Kaseya that have been impacted by this attack is another factor.

All the affected companies have been spread across the globe and were using outsourced IT services from MSPs (Managed Service Providers) that were using Kaseya VSA provided software. While the exact numbers of affected firms are yet to be confirmed, Ross Mckerchar, VP Sophos suggests over 70 MSPs were impacted which in turn affected services of over 350 million small and medium organizations.

Is Kaseya Ready For Negotiations?

It is not yet confirmed if Kaseya VSA is ready to negotiate with the REvil group. However, investigations on this matter have already started. It is being reported that the FBI (Federal Bureau of Investigations) and other major cyber attack specialists have started looking into the matter.

We might see some developments going forwards. Nevertheless, if in case Kaseya gives in to the REvil group's demands, it would be the first such large payout to any cyber attack in history.