TL;DR Breakdown
- Kaseya denies paying ransom to ransomware attackers.
- JBS, Colonial Pipeline pays ransome to hackers.
- Joe Biden takes active steps to end cyber attacks.
The horrors of ransomware attacks persist despite continued efforts by American President Joe Biden and other countries to curb the attacks.
However, the most recent Ransomware attack believed to be perpetrated by the daredevil Russia-based hacking group REvil was met with stiff resistance from the victim.
Kaseya, an IT firm was targeted and despite being shut out from administrators’ access to its files, the firm has resisted paying a ransom of $70million to its attackers. The firm announced days after the attack that it had received a decryptor key to undo the attack suggesting it finally succumbed to pay its hackers.
The IT firm dispelled notions that it paid the hackers on Monday confirming that the hackers got nothing from them even after they managed to decrypt the hack.
“We are confirming in no uncertain terms that Kaseya did not pay a ransom—either directly or indirectly through a third party—to obtain the decryptor,” it said in an update on its website.
The firm noted that after consultations with experts, they decided to not negotiate with the criminals who perpetrated this attack.
Why Kaseya’s resilience remains surprising
It remains a mystery that the firm has reeled out of the attack and did not pay a dime in ransom to its hackers. Although paying ransoms to hackers could be a violation of US sanctions against specific foreign actors, some firms have paid ransom to attackers in the past.
JBS, one of the biggest meat processors in the US paid an $11 million Bitcoin ransom to REvil in June after meat supply got threatened in the US.
Colonial Pipeline paid a $4.4 million BTC payment to Russia-linked DarkSide before JBS, although it did so after consulting with the Justice Department.
Joe Biden’s effort to end Ransomware attacks
The US president has taken series of active steps to stop the spate of ransomware attacks globally.
He made the first diplomatic move during the G7 meeting where superpowers had to talk about ending the attack globally. Biden also met with Russian President, Vladimir Putin diplomatically where they discussed on how and why they need to stop these Ransomware attackers.
Lastly, reports had it that US authorities would set up a task force not only to curb Ransomware attacks but also trace ransoms cybercriminals have received from such ransomware attacks in the past.
Andy Bennett a Chief Information Security Officer (CISO) at Apollo Information Systems advised the US government to collaborate with other actors to put a lasting end to cybersecurity attacks in the US.
