The websites run by the ransomware gang REvil became inaccessible last week, leading to widespread speculation among netizens that the group has been knocked offline.
REvil is a cybercrime organization with Russian links that has collected millions of dollars in ransom in return for restoring the computer systems it has hacked. Recently, it also claimed responsibility for an extensive ransomware outbreak that affected an estimated 800 to 1500 computers worldwide.
These ransomware sites are usually unreliable, so it was unclear whether the disappearance was temporary, whether the hackers themselves had taken the websites down, or whether a third party had removed them from the internet. Both the group's payment portal and its blog, where the hackers shared details of their victims and shamed those who refused to pay the ransom demanded, were unreachable.
The White House declined to comment. An attempt by Reuters to reach representatives of REvil was unsuccessful.
These disappearances aren’t anything to worry about. Ransomware gangs tend to shed their past identity and come back under a new image when they begin to attract a lot of attention from security agencies. REvil was already on the radar of top US government agencies, and there was mounting pressure on Washington to take decisive action against REvil and groups like it.
The US has already faced a string of attacks by ransom-seeking cybercriminals, including a cyber intrusion into Colonial Pipeline (COLPI.UL) that disrupted gasoline deliveries across the East Coast.
Kurtis Minder, the founder of threat intelligence firm GroupSense, made a thought-provoking statement: if this was an organized cyber offensive, collateral damage must be considered, because in such cases ransom-seeking criminals and their victims are co-dependent, as the criminals have access to their victims’ encrypted data. He also said that destroying one or two cybercrime servers is not a solution in the long run, as there are various ransomware gangs out there on the internet.
By Nandini Dwivedi
Legal Intern, WCSF