Guiding your life’s biggest financial moments

Small Business

Cyber ​​Security CEOs: Hackers Demanding $ 70 Million From Global Ransomware Attacks Won’t Get As Much

An international ransomware attack that started with Florida-based IT company Kaseya will not net the full $ 70 million its Russia-linked hackers are demanding, Huntress CEO Kyle Hanslovan told CNBC on Tuesday.

“It wouldn’t surprise me if someone had to pay the ransom to make it closer to $ 40.” [million] at $ 50 million, “said Hanslovan, whose cybersecurity firm has been helping Kaseya with its incident response and disaster recovery since Friday’s breach.

“That said, I haven’t seen anything that suggests Kaseya will pay for the universal decryptor, which is the one that decrypts both their customers and their customers’ customers,” Hanslovan added in an interview. ” Squawk Box “.

The REvil hacker gang is publicly asking for $ 70 million in cryptocurrency to unlock data from the attack, which has spread to hundreds of small and medium businesses in a dozen countries.

Jack Cable of cybersecurity-focused Krebs Stamos group told Reuters that one of the group’s subsidiaries, in a private conversation, had already expressed willingness to lower the asking price for a “universal decryptor” to $ 50 million. dollars. While it can be difficult to determine who is speaking on behalf of the hackers, Cable said his conversations suggested that they are “certainly not committed” to their $ 70 million claim.

Kaseya CEO Fred Voccola said on Monday that between 800 and 1,500 companies were affected by the attack, with the fallout set to continue on Tuesday as people return to the office after the July 4 weekend.

“I guess it would be [that the] total number of companies, and from everything we’ve seen, hackers don’t have a feedback loop as to how many people have been compromised, ”said Hanslovan, adding that the hackers’ allegations of having infected 1 million systems was just “bragging”.

Cyber ​​security experts said the gang targeted software vendor Kaseya using its network management package to spread the ransomware through cloud service providers. The breach temporarily closed hundreds of Swedish Coop grocery stores after cash registers were locked. It has also affected more than 10 schools and several kindergartens in New Zealand.

The company is headquartered in Miami and has offices throughout the United States, Canada, Europe and the Asia-Pacific region.

“Everyone has been awakened to a synchronized attack. It means they’re targeting managed service providers, and it’s kind of a one-to-many attack that affects many industries,” Hanslovan said, stressing that healthcare companies, law firms and even federal entities have faced similar attacks.

The White House said on Sunday it was reaching out to victims of the attack “to provide assistance on the basis of a national risk assessment.”

You may also like...

Leave a Reply