A Ukranian and a Russian have been indicted by a federal grand jury for using ransomware in attacks on U.S. businesses, the U.S. Department of Justice said in a press release.
Yaroslav Vasinskyi, 22, of Ukraine and Yevgeniy Polyanin, 28, of Russia, ellegedly encrypted data on the computers of U.S. companies, including Kaseya, an information technology software company.
The DOJ also seized $6.1 million that Polyanin received in ransom money from companies, the press release said.
With ‘Sodinokibi/REvil’ software, the men "allegedly left electronic notes in the form of a text file on the victims’ computers," the press release said. "The notes included a web address leading to an open-source privacy network known as Tor, as well as the link to a publicly accessible website address the victims could visit to recover their files."
On both websites, the victims were given a ransom demand and provided a virtual currency address for payment. Once a victim paid the amount, they were provided a decryption key in order to acquire their stolen data. If the ransom was not paid, the defendants ‘typically posted the victims’ stolen data or claimed they sold the stolen data to third parties,’ the press release said.
“Our message to ransomware criminals is clear: If you target victims here, we will target you,” Deputy Attorney General Lisa Monaco said in a statement. “The Sodinokibi/REvil ransomware group attacks companies and critical infrastructures around the world, and today’s announcements showed how we will fight back. Together with our partners at home and abroad, the Department will continue to dismantle ransomware groups and disrupt the cybercriminal ecosystem that allows ransomware to exist and to threaten all of us.”
The DOJ recently established a Ransomware and Digital Extortion Task Force, the Wall Street Journal reported. Their goal is to make ransomware attacks such as these less profitable. Additionally, they have created the website Stopransomware.gov, a ‘one-stop hub for ransomware resources for individuals, businesses and other organizations,’ a press release said.
“As ransomware attacks continue to rise around the world, businesses and other organizations must prioritize their cybersecurity,” said Secretary Alejandro Mayorkas for the Department of Homeland Security. “These attacks directly impact Americans’ daily lives and the security of our nation. I urge every organization across our country to use this new resource to learn how to protect themselves.”
