There is a solution for the large-scale hack that affected some 1500 companies worldwide at the beginning of this month. The American company Kaseya, which supplies ICT management software and where the hack started, has a digital decryption key to unlock the computer systems.
Kaseya lets that know without mentioning how exactly it came to the key. That would come from a “third party”. The company now shares the key with all affected parties. Most companies have probably rebuilt or restored their computer systems from backups. It is likely that data was lost.
The hack began at Kaseya on Saturday, July 3, affecting some of the tech company’s customers. The computers of those companies were shut down, including a number of Dutch companies. In Sweden, the supermarket chain Coop had to close about 500 stores on the weekend of the hack because the checkouts no longer worked.
REvil
It is possible that the ransom was paid by Kaseya or the affected companies to get the key, but that is not certain. As is often the case after hacking attacks, a lot happens behind the scenes. Companies do not want to be known that they have paid a ransom. That could lead to new attacks.
The Russian hacker group REvil, short for Ransomware evil, or hackers affiliated with the group are blamed for the attack. $70 million in cryptocurrencies was demanded for the files to be released. Ten days ago, REvil’s blog and payment portal was gone. It is still not clear why this happened.
US President Joe Biden appealed to his Russian counterpart Vladimir Putin after the hack to take more aggressive action against Russian cybercriminals.