The US Department of Justice on Monday announced that it had taken action against two individuals accused of using REvil ransomware to attack US government and commercial facilities.
In a press release, the Justice Department said it had accused a Ukrainian man of several ransomware ransom attacks, including an attack in July this year against Kaseya’s software company.
It also seized $ 6 million in ransom money from a Russian man accused of carrying out Revil attacks on various companies.
“Cybercrime is a major threat to our country – for our own safety, the health of our economy, and our national security,” US Attorney Merrick Garland said in a statement.
“Our message today is clear. The United States, together with our team, will do everything possible to identify the perpetrators of ransomware, prosecute them, and recover their stolen money,” Garland said continued.
WHY IT MATTERS
The Revil ransomware is raising the alarm for healthcare professionals, even after the group appeared to disappear earlier this year. In June, an attack on a hospital said the group could reveal information on 1.3 million people.
Monday’s Justice Department statement involved two criminals accused of using the ransom against US agencies: 22-year-old Yaroslav Vasinskyi of Ukraine and 28-year-old Russian Yevgeniy Polyanin.
The company accused Vasinskyi of smuggling malicious code into Kaseya’s products, ultimately ending Kaseya’s network of clients. In turn, the ransomware ran on computers.
He is suspected of raiding as many as 2,500 and raising $ 2.3 million in ransom, according to CNBC.
Vasinkyi, who was arrested in Poland in October, will serve 115 years in prison don’t ask for it.
Meanwhile, polyanine is believed to still be found in foreign countries, the Justice Department said. He was sentenced to 145 years in prison.
Meanwhile, Romanian authorities also announced on Monday that they arrested two suspects involved in the REvil 5,000 ransomware outbreak.
This is in addition to Vasinskyi and two other REvil affiliates arrested since February 2021.
“The arrest of Yaroslav Vasinskyi, the alleged Yevgeniy Polyanin and the seizure of $ 6.1 million of their assets, and the arrest of two Sodinokibi / Revil actors in Romania are the end of close ties with the international community, the States United and, in particular, our secret company. Partners, “FBI Director Christopher Wray said in a statement.
Wray said: “Members of ransomware appear to pose an unacceptable threat to our security and our economic well-being. We will continue to focus on actors and people. Supporting them, their teams and their finances, wherever in the world it may be,” Wray said.
THE LARGER TREND
President Joe Biden’s administration has taken a reckless approach to cyberattacks. This summer, US Commerce Secretary Gina Raimondo revealed that military action could be on the table when it comes to the redemptive response.
Last week, cybersecurity and infrastructure security companies also ordered government agencies to shut down known and notorious “serious threats” to federal agencies, most of them for the next several weeks.
ON THE RECORD
“These two defendants removed some of the worst cybercriminals, written by REvil, to hijack the victims’ computers,” US Attorney Chad E. Meacham for the Northern District of Texas said in a statement about Vasinskyi and Polyanin.
“Within a few months, the Justice Department identified the culprits, made the arrests, and seized large sums of money. The department will go to the worst places on the internet and the most dangerous place. Look at the world to identify cybercriminals,” he said.