To Innovation - Breaking Politics, Economics, Crypto & IT News

Reporting from Watford, UK and LA, US since 1996

FBI had a decryption key for REvil attacks

But kept it secret in the hope that the hackers would show up, which they never did

22.Sep.21 11:49 AM
By Shawn Highstraw
The FBI kept a key secret for three weeks. It would have allowed affected companies to decrypt their computer systems after the large-scale ransomware attack on software company Kaseya.

The key is said to have been obtained by the investigative agency at the beginning of July, but was not shared with the outside world until three weeks later. FBI Director Christopher A. Wray confirmed on Tuesday that the agency did indeed wait to release the key.

Current and former FBI employees have stated that the agency was working on an operation against the REvil group. The ultimate goal of the operation was to bring down the hacking group, the newspaper writes.

If the key had been shared directly with affected companies, REvil would have found out that the FBI had broken into the group's servers. This might have compromised the operation.

The FBI therefore decided not to share the decryption key directly with the outside world. The final attack on REvil never took place, because the hacking group suddenly disappeared from the internet in mid-July. Perhaps the group detected the intrusion.

The large-scale hacking attack started with Kaseya, a company that supplies software packages to companies around the world. These software packages allow companies to remotely manage their customers' computer systems.

The hackers came in through a weak spot in the software and were able to hold the systems of hundreds of companies hostage. The hackers demanded $70 million for the release of a key that would let the affected parties recover their files. In Sweden, eight hundred Coop supermarkets had to close because cash register systems were no longer working due to the hack.
