Dorblue
Essential
- Joined
- 28.09.20
- Messages
- 93
- Reaction score
- 258
- Points
- 33
One partner also has access to the systems of a US Navy cruiser, another to the devices of a nuclear power plant, and another to the systems of a weapons factory.
The REvil cybercrime group operates on a "ransomware-as-a-service" business model, in which attackers offer malware to partners who use it to block devices and encrypt organizations ' data. A representative of REvil, who uses the pseudonym Unknown, spoke about why ransomware can become a destructive weapon in cyber warfare.
"Ransomware can be a very destructive weapon in cyber warfare. At least several partners have access to the ballistic missile launch system, one to the systems of a US Navy cruiser, another to the devices of a nuclear power plant, and another to the systems of a weapons factory. They can really start a war, but it's not worth it — the consequences are unprofitable, " The Unknown edition of The Record quotes.
According to Unknown, the cybercrime group tries to observe political neutrality. Ransomware operators avoid attacks on organizations in the CIS countries, including Georgia and Ukraine. Mainly because of geopolitics, local legislation, or the patriotism of some of the members of the group. As noted by Unknown, very poor countries do not pay the ransom, including India, Pakistan, Afghanistan, etc.
The hacker also reported that cyber insurance companies are among the most attractive targets. First, the group attacks such organizations to gain access to their customer base, and then purposefully organizes malicious campaigns against other enterprises.
REvil operators do not often resort to DDoS attacks, because calls to victims, their partners and journalists give a very good result, increasing the pressure. Publishing stolen data is usually guaranteed to force the victim to pay a ransom.
"But to end the negotiations with a DDoS attack is to destroy the company. Literally. I also think we will expand this tactic to harass the CEO and / or founder of the company. Collection and analysis of information from publicly available sources, harassment. I think this will also be a very interesting option. But victims should understand that all the resources we spent before paying the ransom will be included in the price of the ransom, " Unknown said.
The REvil cybercrime group operates on a "ransomware-as-a-service" business model, in which attackers offer malware to partners who use it to block devices and encrypt organizations ' data. A representative of REvil, who uses the pseudonym Unknown, spoke about why ransomware can become a destructive weapon in cyber warfare.
"Ransomware can be a very destructive weapon in cyber warfare. At least several partners have access to the ballistic missile launch system, one to the systems of a US Navy cruiser, another to the devices of a nuclear power plant, and another to the systems of a weapons factory. They can really start a war, but it's not worth it — the consequences are unprofitable, " The Unknown edition of The Record quotes.
According to Unknown, the cybercrime group tries to observe political neutrality. Ransomware operators avoid attacks on organizations in the CIS countries, including Georgia and Ukraine. Mainly because of geopolitics, local legislation, or the patriotism of some of the members of the group. As noted by Unknown, very poor countries do not pay the ransom, including India, Pakistan, Afghanistan, etc.
The hacker also reported that cyber insurance companies are among the most attractive targets. First, the group attacks such organizations to gain access to their customer base, and then purposefully organizes malicious campaigns against other enterprises.
REvil operators do not often resort to DDoS attacks, because calls to victims, their partners and journalists give a very good result, increasing the pressure. Publishing stolen data is usually guaranteed to force the victim to pay a ransom.
"But to end the negotiations with a DDoS attack is to destroy the company. Literally. I also think we will expand this tactic to harass the CEO and / or founder of the company. Collection and analysis of information from publicly available sources, harassment. I think this will also be a very interesting option. But victims should understand that all the resources we spent before paying the ransom will be included in the price of the ransom, " Unknown said.