US Authorities Offer Bounty on Hacker Group 'Revil'
[Asia Economy Reporter Kim Suhwan] The U.S. Department of Justice has indicted members of the Russian hacking group Revil, identified as the 'perpetrators' behind a series of ransomware attacks, as well as hackers known to have launched ransomware attacks against the United States last July.
According to major foreign media on the 8th (local time), the U.S. Department of Justice indicted two hackers reportedly responsible for a large-scale ransomware attack in the U.S. last July.
These individuals, one Ukrainian and one Russian, are known to be linked to the Revil organization.
The Ukrainian hacker, who was arrested last month in Poland, is accused of participating in the 'Kaseya' hacking incident that occurred in July.
He infiltrated the network of the U.S. software company Kaseya and carried out ransomware attacks on over 1,500 companies worldwide that use its services.
Ransomware is a malicious program combining the words 'ransom' and 'software.' It locks systems or encrypts data, rendering computers unusable, and demands payment as a condition to unlock them.
Some of the companies affected by these attacks paid hackers to recover their data.
According to the U.S. Treasury Department, these companies transferred over $200 million (approximately 240 billion KRW) worth of Bitcoin and Monero to the hackers.
The indicted hackers reportedly distributed hacking programs from April 2019 to carry out these large-scale ransomware attacks, U.S. authorities stated.
Meanwhile, U.S. authorities also announced plans to offer rewards for information leading to the identification of Revil leadership.
On the 8th, the U.S. Department of State announced it would pay up to $10 million (approximately 1.18 billion KRW) for information on the identity or location of Revil leaders.
The Department of State also announced rewards of up to $5 million for information on suspects involved with Revil.
Revil hacked the computer network of JBS, the largest meat processing company in the U.S., in May, causing significant damage.
On the 4th, the Department of State also announced a $10 million bounty on the hacking group DarkSide, which attacked Colonial Pipeline, the largest pipeline operator in the U.S.
In May, Colonial Pipeline was shut down due to a ransomware attack, leading to a gasoline shortage across the U.S. East Coast.
At that time, Colonial Pipeline paid hackers $5 million in ransom to regain system access, and the U.S. Department of Justice recovered $2.3 million of that amount.
Recognizing the severity of the situation, the Biden administration convened a ransomware attack countermeasure meeting last month with over 30 countries, including South Korea and the U.S., laying the groundwork for international cooperation on cybersecurity.
Subsequently, the Department of Commerce established separate regulations requiring government approval for sales of tools that could be used for hacking to countries such as China and Russia, and the Department of State created a dedicated cyberterrorism unit, intensifying comprehensive responses.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
