Kaseya, an IT provider based in Florida, was the subject of one of the biggest ever ransomware attacks at the beginning of July. Kaseya’s cybersecurity team worked across the Independence Day weekend to try and limit the effects of the attack. However, it was soon clear that they’d been hit by sophisticated ransomware that had stolen customer data. As Kaseya is a managed service provider, the malware was also pushed to clients’ systems. Kaseya estimated that between 800-1,500 customers were affected. The hacker group responsible, REvil, demanded $70million as ransom.
The consequences of the Kaseya ransomware attack were seen across the globe in early July. A hundreds of businesses were hit, causing a knock-on effect to many essential suppliers. One company affected was the Swedish supermarket chain Coop. Around 500 Coop shops closed in the days following the attack, leaving many people having to travel further to buy essential supplies. The attack, which spread to many of Kaseya’s clients through its software, left Coop’s checkouts and self-service sections unable to operate. This attack is one of many seen recently which have directly affected the daily lives of ordinary people.
US president Joe Biden spent an hour on the phone to Russian president Vladimir Putin following the Kaseya attack, insisting that Russia do more to prevent hacker gangs. Cybersecurity has rapidly become one of Biden’s biggest concerns since he took office in January, following a series of high-profile attacks on US organisations. It is suspected that many gangs responsible for these attacks are based in Russia. Biden has made it clear that he expects Russia to do more to combat the attacks and that he is prepared to retaliate if incidents continue.
A Russian-linked hacker organisation disappeared from the internet on 13th July. REvil, one of the most prolific ransomware gangs, has claimed responsibility for several high-profile hacks in 2021, including JBS and Kaseya. Several of REvil’s websites, including a blog and a ransom payment site, were taken offline without warning. It is not yet clear if this was carried out by REvil or by outside security forces. However, it comes after President Biden warned that retaliation could be carried out against attackers. Security services have threatened to crack down on ransomware gangs after a number of high-profile incidents in 2021.
The European Union has made plans for a new organisation to respond to cyber-attacks. The Joint Cyber Unit will allow quicker and more coordinated responses when a member country suffers an incident. The EU joins the UK and USA in creating dedicated cybersecurity teams this year, mostly in response to the escalating threat from ransomware. Many EU countries have dealt with the effects of ransomware in 2021, including attacks on police services and hospitals. In creating this team, the EU will attempt to avoid further assaults against critical infrastructure.
According to Lindy Cameron, the head of the UK’s National Cyber Security Centre, the threat of cyber-attacks is one of the gravest of the modern era. Cameron described cyber attacks as the “primary key threat” facing the UK. The threat is applicable to “citizens, businesses and critical national infrastructure” said Cameron, and a more cohesive national effort is needed to fight ransomware in particular. Ransomware has become hugely profitable for many criminal gangs, who target organisations knowing that they may pay huge ransoms in order to avoid service downtime, leaked sensitive data, or information loss.
