Hackers Demand $70 Million to Free Businesses

A hacking group known as REvil, the same Russian-language group that was behind the attack on meat processor JBS, is believed to be behind the sprawling ransomware attack that hit hours before the beginning of the July Fourth holiday weekend and is demanding $70 million to unlock the thousands of businesses affected by it, reports the Washington Post. The attack was carried out through software that helps businesses manage their computer systems, made by Miami-based firm Kaseya. The company sells its tool to many large managed service providers, who in turn help small and midsize businesses monitor and control their computer networks.

Kaseya chief executive Fred Voccola estimated the number of affected companies to be in the low thousands, made up almost entirely of small businesses. Already, the ransomware attack has temporarily shut down hundreds of Sweden’s Coop grocery stores because the cash registers were locked. In New Zealand, nine schools were affected in some ways, forcing some students to shut down their computers. ESET Research said on Twitter it had identified victims in 17 countries so far. REvil’s request for a joint ransom is likely an acknowledgment that the hacking group wants to end the attack quickly, said Allan Liska, a researcher with the cybersecurity firm Recorded Future. The group wants the funds in bitcoin and said if it receives the money it will publish a “decryptor key,” or a computer code that will unlock the victims’ files.