In the US, the world’s largest ransomware attack to date took place earlier this summer. Hackers attacked Kaseya, an American information technology services company. The FBI urged the company’s clients to shut down their servers and report the incident if they suspected an attack. However, it warned of the large scale of the attack and the inability of investigators to work with each incident individually.
The ransomware group REvil from Russia managed to infect the software update files directly with the malware, and the infected update was then automatically downloaded by individual devices using the system. The attack on the so-called supply-chain is much more serious and its consequences are more devastating. More than a million devices in around 1 000 companies and at least 17 countries have been infected. Among those attacked were larger end customers such as Coop, Sweden’s largest supermarket chain, which had to close nearly 800 outlets after its POS systems were crippled.
Attacks on strategic targets are increasing
Hacking attacks in the US have become one of the biggest security problems facing the administration of President Joe Biden. In May, hackers from the group DarkSide exploited the home office during a coronavirus pandemic and attacked Colonial Pipeline. They temporarily suspended its pipeline operations, providing fuel distribution for about half of the U.S. East Coast. Colonial Pipeline subsequently paid millions of dollars in the cryptocurrency bitcoin to regain control of its computer systems. It was later reported that hackers were eventually able to seize most of the funds.
The attack on SolarWinds was equally serious. Through weaknesses in the software, hackers gained access to the computer systems of a number of US agencies and thousands of private companies.
Ignorance = loss of money and credibility
But the problem is not just about the US. In Slovakia, 80% of companies have experienced some form of cyber-attack. Ľubomír Kopáček, a cybersecurity expert at GAMO, warns that Slovak companies do not pay enough attention to cybersecurity. “They consider it an unnecessary investment. They don’t realise that they may lose valuable data, sensitive information, the production process may be compromised, and what’s at stake, besides the loss of money on the buyout, is the loss of credibility with clients or suppliers that they’ve built up over the years.” The inability to learn is compounded by the fact that companies that have already been attacked by hackers are convinced that they would rather pay a one-off fee and not worry about the security of their data on a regular basis. GAMO CEO Rudolf Latiak has a clear message to this attitude: “The good feeling of saving money only lasts until something serious happens. Eventually, then the doubters lose more than they saved and, in the worst case, everything.”
Did they pay $60 million?
Kaseya eventually obtained a universal decryptor from an unnamed partner, which first passed a functionality test and was then sent out to affected customers. The information whether the attacked company paid a ransom of approximately 60 million dollars has not been confirmed or denied by the competent authorities.
