Hacker group locks up a million devices and demands $70 million in ransom

Photo (c) Suebsiri Srithanyarat EyeEm – Getty Images

While many consumers were celebrating the Fourth of July, a ring of international hackers were celebrating for an entirely different reason. Over the holiday weekend, the cybercrooks locked up more than a million individual computer devices and were demanding $70 million in bitcoin as a ransom.

The hackers have been identified as REvil, the Russian group known for hacking meat supplier JBS earlier this year. This time around, REvil compromised Kaseya Limited, a U.S. software company that develops IT management software. 

The hack affected many of Kaseya’s customers, including the Swedish grocery store chain Coop. It forced the company to close more than half of its 800 stores and rendered the retailer’s cash registers and self-service checkouts inoperable.

Hackers upping their game

Cybersecurity analysts worry that REvil has pushed the limits of hacking further than experts are equipped to handle. Some of Kaseya’s customers are firms that oversee internet services for other companies, so REvil was able to snowball the number of victims rapidly. 

While many hack attacks try to tie up a single, standalone company, REvil was able to isolate each computer in Kaseya’s list of customers and ransom it separately. Reports say that REvil’s initial ransom request was for $45,000 to unlock each individual device.

On its face, Kaseya’s situation sounds dire. However, the company said things aren’t as bad as they seem.

“While impacting approximately 50 of Kaseya’s customers, this attack was never a threat nor had any impact to critical infrastructure,” said Fred Voccola, the company’s CEO. “Many of Kaseya’s customers are managed service providers, using Kaseya’s technology to manage IT infrastructure for local and small businesses with less than 30 employees, such as dentists’ offices, small accounting offices and local restaurants.”

Added up, Voccola said only 800 to 1,500 of Kaseya’s customers were compromised by the hack out of an estimated 800,000 to 1,000,000 local and small businesses it manages. Nonetheless, Voccola said his company’s global teams were working around the clock to get our customers back up…