The hacking group REvil behind the “colossal” ransomware attack have now demanded over £50m to be paid in Bitcoin in return for their systems to be unlocked for all victims affected.
Although unverified, the group claims that after targeting the US IT firm Kaseya a few days ago, they have also attacked one million other systems as a result which included 500 Swedish Coop supermarkets and 11 schools in New Zealand.
On a recent Radio 4 interview Prof Ciaran Martin, founder of the National Cyber Security Centre said “The scale and sophistication of this global crime is rare, if not unprecedented,”
REvil are thought to be comprised of members largely based in Russia and countries who used to be in the Soviet Union. Prof Martin has openly slated Russia for providing a safe environment for ransomware hackers, but he has also commented that the West has been making it too easy for these gangs to be paid and “unsurprisingly they are coming back for more”. This statement once again refers to the issue and dilemma surrounding whether or not we should be allowed to pay these ransoms demanded. Once its proven we pay the companies are just funding groups to continue with added confidence that they will get paid again turning the process into an increasingly vicious circle.
For the hundreds of companies around the world this problem will be ongoing as some companies will be unable to pay the ransom. The cyber community has pulled together around the world however to issue warnings and bolster defences as companies try to resolve the issues themselves.
As this attack shows the increase in scale of ransomware attacks recently it is becoming more obvious each day that a longer term solution needs to be put in place. Whether that be laws made to prevent ransoms being paid or a worldwide effort to bolster the baseline security standards of businesses.