Massive ransomware attack: Russia-linked REvil ransomware

Joe Biden orders probe of latest ransomware attack; Russia-linked REvil ransomware gang under the spotlight

US President Joe Biden said on Saturday he has directed U.S. intelligence agencies to investigate who was behind a sophisticated ransomware attack that hit hundreds of American businesses and led to suspicions of Russian gang involvement.

The hackers who struck on Friday hijacked widely used technology management software from a Miami-based supplier called Kaseya. They changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously.

A massive ransomware attack on the software supply chain has impacted more than 1,000 businesses so far, and the number may continue to grow. The attack has focused on managed service providers, which provide IT services primarily to small- and medium-sized businesses. Such attacks can have a multiplying effect, since the hackers may then gain access and infiltrate the MSPs’ customers too.

On Thursday, U.S. and British authorities said Russian spies accused of interfering in the 2016 U.S. presidential election have spent much of the past two years abusing virtual private networks (VPNs) to target hundreds of organizations worldwide.

On Friday, Russia’s embassy in Washington denied that charge.

Secure Work at home

Covid 19 related Phishing attacks :

During the current Corona crisis, the people are are at home more often. Adding to that, employees are working from home more than ever before. This presents itself as great breeding ground for cyber criminals.

Phishing attacks are setup in a way to send the victims to websites with fake information about the Coronavirus. Often times, these sites use the user’s system resources to earn cryptocurrency like Bitcoin – All without the approval of the user .

Ransomware :

Ransomware encrypts files on computers and ask the user for a ransom in return of the original files. The rise of a cryptocurrency like Bitcoin surely helped ransomware attacks, as it allows the malicious actor to be more anonymous. In 2021 and onwards, it’s possible to see more sophisticated attacks going on.