A new month, a new major attack: on Monday night, cyber criminals demanded the record sum of 70 million dollars in return for making previously hijacked, encrypted and thus digitally held hostage data from numerous companies all over the world accessible to their users.
This was explained by a hacking group known as REvil in a blog post.
Specialists assume that the entry is real.
The group has appeared in several major hacker attacks.
Winand von Petersdorff-Campen
Business correspondent in Washington.
Follow I follow
Stephan Finsterbusch
Editor in business.
Follow I follow
Attacks on the network computers of the American IT service provider Kaseya were launched at the end of last week.
The hackers succeeded in first installing a virtual back door to the servers, then opening it and thus penetrating his computer.
From there they worked their way up to the systems of a few Kaseya customers.
They hijacked and encrypted their data.
In order to set them free again, a special program is needed.
It is only provided for a ransom.
The authorities in America are investigating and politicians in Washington are alarmed.
The attack has consequences as far as Europe.
German companies are also affected
According to the German Federal Office for Information Security (BSI), it also affects computers in Germany. When employees in some companies tried to boot their computers on Monday, the screens remained blank. In the course of the day, other affected parties contacted BSI, including two IT service providers. Due to the global networking of the economy and after the news about the attack on Sunday, it was expected. The BSI did not provide names or details. In Sweden, the cash register systems of a large retailer were blocked. The company Kaseya, which offers IT solutions "for monitoring, management, security, cloud", has so far assumed that it no longer caught 40 of its customers. All in all, the IT service provider has 36,000 customers.
The White House has not yet confirmed that Russian hackers were behind the cyber attack. She had met the United States just before the major national holiday. Nevertheless, cyber experts assume that REvil is behind the attack, which operates from Russian soil. If the suspicion is confirmed, Russia faces consequences. Less than a month ago, American President Joe Biden urged Russian President Vladimir Putin to no longer allow hackers a safe haven. According to American security authorities, Russian cyber criminals had previously paralyzed an important gasoline pipeline on the American east coast and attacked one of the largest meat processors in the country.
According to his own statements, Biden ordered an investigation into the attack.
If the attack took place with the knowledge or tolerance of Russia, then its government will respond.
He told Putin that.
The White House is now treating hacker attacks as a threat to national security, as authorities are increasingly targeted.
So far, however, the American government has refrained from countering cyber attacks with cyber attacks.
Attitudes towards this are increasingly divided among the security experts advising the president.
Not letting faith decide over anything
According to the American services, groups like REvil are tolerated by the Russian government as long as the attacks are not directed against domestic agencies. According to experts, it is no coincidence that the hackers started the attack before Independence Day, which for many Americans is part of an extended weekend off that also includes today's Monday. As a result, many companies may not yet know that they have been attacked. REvil claimed on its "Happy Blog" that one million devices had been infected with the malicious encryption software. She also circulated a list of allegedly affected companies on Twitter.
FBI chief Christopher Wray said in a recent Congressional hearing that cyber threats were growing almost exponentially. Cases of blackmail software, with which the criminals take IT systems or data hostage until the ransom has been paid, have tripled in the previous year. The federal police are investigating 100 different versions of blackmail software, Wray said. The American government has stepped up its efforts to protect itself from attacks. A REvil hacker commented on this upgrade, according to the Washington Post, saying it would work all the harder.