the staff of the Ridgewood blog
Ridgewood NJ, a hacking group demanding $70 million infected the systems of a US information technology firm with ransomware over the Fourth of July weekend, impacting around 1,500 companies in at least 17 countries. REvil, the Russia-linked group behind another cyber attack on meat supplier JBS over Memorial Day weekend, took advantage of a software vulnerability to deploy this attack against Miami-based firm Kaseya. That software is sold to large managed service providers (MSPs), which assist small and midsize businesses, as well as local and state governments and agencies, in monitoring and controlling their computer networks.
A Swedish grocery chain shutting down most of its 800 stores due to crippled cash register software and nine schools in New Zealand forcing students to shut down their computers over various issues are examples of the attack’s wide-ranging impact. As Kaseya, cyber experts, and government authorities that include the FBI and the Cybersecurity and Infrastructure Security Agency investigate, REvil has posted on its dark web site that it would provide a decryption tool to unlock all victims’ files upon receipt of the requested ransom in cryptocurrency.
Analysts have reported seeing ransom demands between $45,000 to $5 million toward individual victims. It is unknown whether Kaseya, which noted the attack involved a high level of sophistication, intends to pay the ransom. The FBI discourages that practice since there is no guarantee decryption tools will be provided and it encourages future attacks.