Cyber security teams are investigating The single largest global ransomware Attack on record It impacted thousands of organizations In at least 17 Countries the attack happened on friday And targeted a software supplier That works with other companies the Russia-linked cyber gang Are evil launched the attack it is the Same group Responsible for the breach against meat Processor jbs on sunday The group demanded 70 million dollars in Ransom from assault for A software key that could unscramble all Of the affected machines So nicole skanga has been following this Story and is here to discuss Wow nicole it's amazing how you can have An attack like this Um so widespread and kind of the rest of Us kind of go on with life and we have No idea You know the implications of how it may Be eventually affecting us Um so you know what can you tell us About this hack what are cyber Experts most worry about with this Latest scheme Yeah hi emery good to be with you and You said it there this Attack is massive the russian speaking Our evil cyber criminal gang
Has infected thousands of victims in at Least 17 countries that we know of so far and On saturday morning the information Technology company Kasaya confirmed it had suffered what They called a very sophisticated cyber Attack On its software now this software is Used by large it companies that Offer contract services to hundreds of Smaller businesses So there's likely a chain reaction here And at the end of that chain Are thousands of victims you know Victims that ceo of kasaya Estimate um you know are things like Libraries dental practices Architecture firms you know again small Businesses and casaya told near It's nearly 40 000 customers to Disconnect their software immediately on Friday but we Likely won't know how large this attack Is Until later today when a lot of these You know businesses employees Return to the office after this long Holiday weekend But anne-marie cyber experts i've spoken With are both Scared and impressed by the level of Sophistication of this Attack in this malware which was written
Into Old microsoft antivirus software updates In order to disguise its Origins get that and some have compared It to solarwinds That's exactly what i was thinking of Actually when i read about the details And you know you said uh Somebody one of the people that you Spoke to suggested that their customers Disconnect Um their computers or whatever i i Thought on friday i was off on friday And i bet a ton of people were off on Friday and probably Never received that email um It's not a coincidence that this hack Happened during the fourth of july Weekend No in fact it's by design it actually Appears that cyber criminals here Understood You know particularly us offices would Be lightly staffed and many victims May not learn of the attack until you Know monday Yesterday or even today if they're Coming back after this long weekend You know and since businesses impacted You know by this attack Literally outsource their i.t Infrastructure to other companies They're called managed service providers Many of the customers impacted here
Might not even know how to detect this Now Kasaya which is the initial software Company um that was infiltrated Sent a detection tool they said to about A thousand customers Um on saturday night but again you know That is saturday night so we'll see how Much that helped And you'll recall that the last time our Evil this cyber criminal group Launched a major attack you mentioned it Earlier on a meat packing firm Jbs they did it over memorial day Weekend so You know we're starting to see the Emergence of these really Large-scale cyber attacks when cyber Criminals feel that customers will Least be on the lookout for it during Long holiday weekends Exactly so what are they asking for And i remember sort of during the first Attack um We were told that our evil was most Likely a russian Group but whether there was a connection To the kremlin was unknown at that point So Do we know if there's a connection to The kremlin Yeah so you'll remember last time around Uh our evil this group demanded 11 Million dollars from jbs that meat
Packing firm Now demands here have been slightly less Because you know the ransomware attacks Have been on small to medium-sized Businesses cyber security experts i've Spoken with Have told me that you know the Ransomware demands are closer to 50 000 Uh but they are in cryptocurrency in Bitcoin those demands to try to mask That transfer of money You know some experts have pointed to Demands uh that are custom for some of These larger companies that have been Impacted You know upwards of five million dollars For bigger targets But this is interesting according to a Message posted by The our evil uh you know criminal gang This weekend on the dark web and Obtained by cbs News through uh the firm cyber reason Our evil actually offered a blanket Decryption code for All of the victims impacted by this Attack You know in exchange for 70 million Dollars in cryptocurrency and so Um you know we saw these screenshots we Read this message And cyber security experts tell us that It's actually an Indication that cyber criminals are are
Now overwhelmed by the sheer quantity of Ransoms that they have to manage that This in some ways is a headache for them Although You know i think many would argue this The main headache is for the businesses You know at the other end of this but For that reason you know they've offered This sort of Blanket 70 million dollar ransom uh you Know To to in exchange for an encryption tool That they could hand out to All of the businesses here we'll see When cyber insurers get together and Crunch the numbers if they find that This is sort of a cheaper way out and to Your Second question just about connections To the kremlin you know we know that our Evil is russian speaking we know they're Based in eastern europe It's tough to know their exact origin Especially because cyber criminals in General tend to hide their headquarters By Housing servers in third-party countries You know but if these Criminals are indeed russia based or Even Russia-linked you know as u.s Intelligence has previously Reported when it comes to our evil you Know that's very concerning
Less than a month ago you'll remember That president biden met with russian President vladimir putin You know told him to stop giving safe Haven to many of these cyber criminal Groups You know called them a national security Threat and though You know while this attack may not be Kremlin directed It's at least an invest an indication That you know the russian president has Sort of dragged his feet On shutting down some of these cyber Criminals Yeah really uh nicole thank you very Much Thank you
