It is a symbolic episode in the fight against ransomware, Yaroslav Vasinskyi, one of the main defendants in the Kaseya cyberattack, arrived in the United States on March 3 a revealed the US Department of Justice. The hack of software provider Kaseya launched on July 2, 2021 had affected more than 1,000 companies around the world.
Kaseya signed the end of the formidable group REvil
Yaroslav Vasinskyi had been locked up in a Polish prison since October 8, 2021, the date of his arrest at the Polish border. His extradition was kept secret by American justice until March 9, the date of his appearance in federal court in Texas.
French companies are increasing their spending on cybersecurity
The young Ukrainian, 22, is one of the links in the cyberattack that affected Kaseya. The cybercriminal ecosystem has become more complex with segregation of duties during ransomware attacks. Malicious code from the Sodinokibi/REvil group is Ransomware-as-a-Service, once one of the most widely used. Its access is offered to affiliates against a share of the loot.
The accused’s role in the attack on Kaseya was to deploy the ransomware in one of the company’s products. It then spread among its customers, before blocking their sites and demanding a ransom against decryption codes.
A few weeks after this global attack, a universal key was provided to victims to avoid payment of the ransom. According to information from washington post, it would have been provided by the FBI, then in the process of mounting an operation against Soninokibi/REvil. The group has since disappeared.
The United States has offered a bounty of 10 million dollars for the slightest information that could lead to the arrest of one of the protagonists of the cyberattack. In a statement, Attorney General Merrick Garland recalled that he had ” clearly stated that the Department of Justice would spare no resources in identifying and bringing to justice the transnational cybercriminals who prey on the American people “.
Ransomware, public enemies n°1
In a few years, ransomware has become a real scourge. In France, after several attacks against hospitals, Emmanuel Macron took specific measures to protect himself in February 2021. A few months later, the cyberattack against Colonial Pipeline was a turning point in the United States.
Shortly before Kaseya, ransomware was elevated to the rank of priority for American justice on the same level as terrorism. Increased international cooperation has been set in motion in the face of internationalized cybercrime.
A point emphasized by Deputy Attorney General Lisa Monaco, “ In the event of an attack, we will work with our partners here and abroad to prosecute cybercriminals, wherever they are “.
For the arrest of Yaroslav Vasinskyi, the American authorities welcomed the participation in the investigation of the police and justice of several European countries and in particular of the unit for the fight against French cybercrime and the Paris court.
Yaroslav Vasinskyi is charged with conspiracy to commit fraud, damage to protected computers and conspiracy to commit money laundering. If found guilty, he faces a total sentence of 115 years in prison. A federal court judge in Texas will set the sentence.