Kaseya Acquires Universal Decryptor to Help Ransomware Attack Victims

Divya  |  Jul 27, 2021

Leading IT service provider Kaseya announced on July 26 that it has acquired a universal decryptor to help its clients recover data lost during a recent ransomware attack. The company was hit was a security breach less than three weeks ago, which affected 1,500 businesses worldwide. Following the breach, hackers demanded $70 million in Bitcoin ransom to restore operations. This amount was later reduced to $50 million.

So far, the company denies paying ransom to the infamous Russian hacker group, REvil -- which took responsibility for the incident. Also, it is yet to reveal the origins of its decryption tool, hailed as100% effective at decrypting files that were fully encrypted in the attack.”

Kaseya Obtains Decryption Tool to Recoup Data Lost in Ransomware Attack

Launched in collaboration with cybersecurity firm Emsisoft, the tool has already unlocked some of the data lost to last month's attack. It is available to any of the affected companies that approach Kaseya. As per reports, the hack is said to have exploited a vulnerability in the company’s VSA remote management software.

For its part, Kaseya has maintained that the decryption software has no connection with the REvil group. In an official statement, the company noted: “We are confirming in no uncertain terms that Kaseya did not pay a ransom – either directly or indirectly through a third party – to obtain the decryptor.”

Despite warnings from the Treasury Department, many large firms have resorted to paying ransoms in the past to regain access to their systems. In June, meat giant JBS paid $11 million in Bitcoin after a ransomware attack -- also organized by the REvil group -- crippled its facilities. Before that, the Colonial Pipeline shelled out $4.4 million worth of Bitcoins to pay another Russian hacker group called DarkSide. Some of this amount was later recovered by federal law enforcement. 

Rising Number of Ransomware Attacks and Diplomatic Measures

Under the Biden administration, United States has shown zero tolerance for state-sponsored cybercrimes targeting sensitive infrastructure in the country. President Joe Biden himself has warned Russian President Vladimir Putin of dire consequences, should Russia continue to harbor cybercriminals within its borders.

In the meantime, lawmakers in the US have blamed cryptocurrencies for the rise in cybersecurity incidents. Many believe that digital assets facilitate ransomware attacks since they are the preferred mode of payment.

Altogether, cybersecurity attacks have cost companies almost $81 million this year, according to blockchain data provider Chainanalysis. The spike in these attacks and their association with cryptos is a worrying trend for crypto lobbyists and investors, who are working to address regulator concerns about the booming sector.

 

Related News