REvil Ransomware Gang Auctions Off Stolen Data
Sol Oriens, a U.S. nuclear weapons contractor, has been hit with a ransomware attack. The attack was first reported in May of this year and is believed to be launched by REvil, a well known ransomware gang responsible for attacks on POS systems, Brown-Forman group, Acer, and many other large companies. The gang is now claiming to be auctioning off data stolen from Sol Oriens on the dark web.
REvil Releases First Stolen Data Auction Site
A little over a year ago, REvil launched an auction site to sell stolen corporate data from breaches and ransomware attacks. This was the first stolen data auction site to hit the web, and started off with a small posting of corporate data. Over the year, the gang has posted lists of corporations who have been targeted, and it appears that Sol Oriens’ data is among those up for auction.
Information stolen includes social security numbers and payroll information. The gang provided photos of such documents as proof of possession. REvil has justified its actions by stating that Sol Oriens did not do a sufficient job in protecting the stolen data, giving the ransomware gang “the right” to forward documents and data to foreign military entities. This poses a great threat not only to the nuclear weapons contractor but to the United States as well.
According to CNBC correspondent Eamon Javers, it is not yet clear whether or not REvil has accessed any “client classified” or “critical security-related information.” All that we know as of now is that an unauthorized party has accessed documents from Sol Oriens’ systems. The contractor is currently working with a third-party tech forensic firm in determining what other information might have been stolen.
Victims Are Struggling to Keep Up With Attack Rate
The COVID-19 pandemic increased the number of attacks, ransomware and otherwise, that have hit both individuals and corporations alike. According to a report by VMware, attackers have not only been hitting targets with a higher volume of attacks, but the attacks themselves have grown to be more sophisticated.
Many respondents expressed a sense of fear regarding the increased sophistication in attacks. It has been a great challenge for many companies, who have not been able to both adjust to new operations as well as keep up with cybersecurity measure that could compete with the caliber of attacks. Such changes require funds that many companies don’t have.
Russia On Thin Ice with the United States
President Biden is scheduled to discuss recent ransomware attacks originating from Russia with President Vladimir Putin at the Geneva Summit on Wednesday, June 16th. The U.S. President has issued a warning to Russia last month, urging them not to protect cybercriminals and hold them accountable. U.S.-Russia relations have been strained following election scandals, and the recent attacks coming from Russian servers is creating increased stress on the relationship between the two countries. The results of the Summit may determine the United States’ relationship with Russia moving forward.