American IT group Kaseya has good news for companies that have been hit by a cyber attack that could spread through the company’s software. The IT company has been given a key with which encrypted data can be released to the affected companies.
In the attack in early July with the so-called REvil ransomware, hackers were “hostage” in many important corporate data, systems or documents. After intrusion into the victims’ systems, they encrypt this data and release it only after the ransom is paid.
Kaseya has now reported that she received a so-called decryption, the key to the hostages’ data, from a trusted third party. The company has not revealed who made this decryption software available.
big hit
REvil is a group of hackers associated with Russia. The group had previously demanded $70 million for a global key to release all data held hostage. The group’s pages were deleted from the dark web over a week ago. It is not clear whether this happened on her own initiative or after pressure from the authorities in the United States, Russia or other countries.
Kaseya estimates that as many as 1,500 companies may have been affected by the REvil attack. The cybercriminals were able to make such a big impact because they were able to build a back door into the software that Kaseya sells to many other IT companies. These companies, in turn, help many small and medium-sized businesses manage and secure their IT, giving REvil access to a huge network.
barn
One of the most notable victims of the REvil attack was the Swedish branch of the supermarket chain Coop. Hundreds of stores were forced to close because cash register systems were paralyzed. Companies in the Netherlands have also been affected, but the damage is said to have been limited.
It remains to be seen whether all the problems will end with the release of the documents taken hostage. IT security officers have pointed out that an attack like the REvil attack can also steal a lot of data that cybercriminals can use again.
You can follow these topics
