Current:Home > FinanceA Ransomware Attack Hit Up To 1,500 Businesses. A Cybersecurity Expert On What's Next-DB Wealth Institute B2 Expert Reviews
A Ransomware Attack Hit Up To 1,500 Businesses. A Cybersecurity Expert On What's Next
View Date:2024-12-24 00:47:27
Criminals unleashed a massive ransomware attack in more than a dozen countries on Friday, affecting up to 1,500 organizations around the world, including a supermarket chain in Sweden and schools in New Zealand.
Security researchers linked the attack to a group called REvil, a Russian-speaking gang responsible for a ransomware attack on meat processor JBS at the end of May.
In the current incident, the attackers found a vulnerability in the product of Kaseya, a U.S.-headquartered company that provides software tools to its clients — IT outsourcing companies — which in turn provide services to their clients. Kaseya estimates that as many as 1,500 "downstream" businesses were affected.
Hackers have demanded $70 million in cryptocurrency in exchange for a key that decrypts all of the victims' data.
"The scale and scope of this attack is really unprecedented," cybersecurity expert Dmitri Alperovitch tells NPR.
Most of the affected organizations are small and medium businesses, such as dentist offices, car dealers, libraries, schools and grocery stores, says Alperovitch, chairman of the nonprofit group Silverado Policy Accelerator and a co-founder of CrowdStrike, a cybersecurity company.
The origin of the attack is still under investigation. But just last month at a summit with Russian President Vladimir Putin, President Biden warned the Russian leader that the U.S. would respond if the Russian government continued to allow cybercriminals to attack targets in the U.S.
On Tuesday, Biden said that the attack caused "minimal damage to U.S. businesses," but that his administration was still learning more.
Alperovitch talked with Morning Edition about how the attack worked, why the attackers chose Kaseya, and how the U.S. should respond to the Russian government allowing cybercriminals to operate. Here are excerpts, edited for length and clarity:
Why choose a company like Kaseya?
It really gives you unprecedented reach. So the hackers found what is known as a zero day vulnerability, a previously unknown vulnerability in Kaseya's product. And then they literally scan the internet to find anyone that's using that software and started compromising each and every one of the customers that had that software on the internet. Now, it turns out that many of Kaseya's customers are actually not end users, but managed service providers, companies that manage networks for small organizations. And as a result of hitting those companies, they had access to hundreds of victims within each.
These hackers are believed to be based in Russia and to operate with impunity. And last month, President Biden told Russian President Putin that these ransomware attacks have to stop. What does this latest attack tell you about Putin's response?
One thing is clear: that at best, Putin is dragging his feet and is not dealing with this issue. It is quite clear that the Russian intelligence services, Russian law enforcement, is capable of identifying these people and arresting them and prosecuting them. They're not yet doing that. And it is time, I believe, for President Biden to deliver an ultimatum to Putin that either these attacks will stop or the U.S. will start enforcing very severe sanctions against the Russian energy sector.
The hackers are offering a universal decryption tool for everyone's data if someone steps up and pays $70 million. Why offer something like that?
Clearly, they think that perhaps they can pressure Kaseya into paying that amount, given that their software was responsible for this breach. And they realize that going to 1,500 organizations and trying to get a ransom from each one is going to be very difficult because many of these small businesses have been hit so hard during the pandemic and will be hard pressed to find money to pay a significant ransom to these criminals.
Did REvil bite off more than it could chew, so to speak, by going after so many at the same time?
I don't think so. I think it remains to be seen whether this action crossed the red line and will suffer a severe response. But it's clear that the U.S. government needs to engage in a serious discussion about how do we go after these cybercriminals, using our intelligence community, using our Cyber Command capabilities to try to disrupt their operations just like we do against terrorist groups.
Is there proof that there are links between this gang and the Russian government?
There is no proof of that. And in fact, it's probably unlikely that the Russian government is working with them or is directing them in any way. But it's pretty clear with 20 years of history of cybercriminals operating freely from Russia without any harassment from Russian law enforcement, even though the U.S. government and other governments have provided detailed information to Russian law enforcement about these criminals, so at a minimum, they're providing safe harbor to them.
Milton Guevara and Scott Saloway produced and edited the audio interview. James Doubek produced for the web.
veryGood! (448)
Related
- Pete Rose fans say final goodbye at 14-hour visitation in Cincinnati
- Lil Rod breaks silence on lawsuit against Sean 'Diddy' Combs: 'I'm being punished'
- Workers are breaching Klamath dams, which will let salmon swim freely for first time in a century
- Backpage.com founder Michael Lacey sentenced to 5 years in prison, fined $3M for money laundering
- Old Navy's Early Black Friday Deals Start at $1.97 -- Get Holiday-Ready Sweaters, Skirts, Puffers & More
- Woman files suit against White Sox after suffering gunshot wound at 2023 game
- Georgia’s former first lady and champion of literacy has school named in her honor
- Sweaty corn is making it even more humid
- Beyoncé's Grammy nominations in country categories aren't the first to blur genre lines
- Mae Whitman Gives Birth, Names Her First Baby After Parenthood Costar
Ranking
- Watch as dust storm that caused 20-car pileup whips through central California
- 'Yellowstone' First Look Week: Jamie Dutton doubles down on family duplicity (photos)
- Video shows long-tailed shark struggling to get back into the ocean at NYC beach
- Don't Miss Kate Spade Outlet's Labor Day Sale: Chic Bags, Wristlets & More Up to 81% off, Starting at $19
- Kelly Rowland and Nelly Reunite for Iconic Performance of Dilemma 2 Decades Later
- At 68, she wanted to have a bat mitzvah. Then her son made a film about it.
- Slow down! Michigan mom's texts to son may come back to haunt her
- Lil Rod breaks silence on lawsuit against Sean 'Diddy' Combs: 'I'm being punished'
Recommendation
-
Kansas basketball vs Michigan State live score updates, highlights, how to watch Champions Classic
-
Stefanos Tsitsipas exits US Open: 'I'm nothing compared to the player I was before'
-
Tennessee not entitled to Title X funds in abortion rule fight, appeals court rules
-
'Beloved' father who was clearing storm drains identified as victim of Alaska landslide
-
American arrested in death of another American at luxury hotel in Ireland
-
Jury returns to deliberations in trial of former politician accused of killing Las Vegas reporter
-
Ludacris’ gulp of untreated Alaska glacier melt was totally fine, scientist says
-
'Robin Hood in reverse': Former 'Real Housewives' star convicted of embezzling $15 million