The Biden Justice Department is charging a 22-year-old Ukrainian citizen for orchestrating a July ransomware attack on a software company in Florida that infected more than 1,000 companies and extracted millions of dollars in ransoms before quietly going dark.
REvil, which infected IT management software provider Kaseya over the Fourth of July weekend, returned online briefly in September before again shutting down after U.S. Cyber Command, in partnership with a foreign government entity, successfully hacked the ransomware group's servers.
The Department of Justice has seized over $6 million in ransom payments and has charged the newly-arrested Yaroslav Vasinskyi, along with still at-large Russian national Yevgeniy Polyanin, with conspiracy to commit money laundering and conspiracy to commit fraud, among other charges, Attorney General Merrick Garland and Deputy Attorney General Lisa Monaco said Monday. The charges were filed in early July and released from under seal on Nov. 8, and they accuse Vasinskyi of authoring the ransomware and engineering its use. REvil has gathered at least $200 million in ransom payments thus far, and the $6 million came from Polyanin's coffers.
The Biden administration appears frustrated and furious with the constant escalating barrage of hacks over the last year. The Federal Bureau of Investigation said in June it would treat ransomware attacks with the same level of priority as terrorism, following an attack from a different ransomware group, now linked to Russia, that brought down the Colonial Pipeline system for gas distribution in the Eastern U.S. for nearly a week. The State Department also said it would form a "Bureau of Cyberspace" to deal with rising international threats online, as well as growing restrictions over internet freedom.
The Biden White House has also sanctioned the Russian government for sponsoring and allowing hackers to try to attack U.S. companies, including Russia-linked Nobelium's attack on SolarWinds, but those sanctions have done little to deter attackers. Biden in July asked Russian President Vladimir Putin to crack down on hackers, but in an early November interview with the Associated Press Monaco said that the DOJ has "not seen a material change in the landscape. Only time will tell as to what Russia may do on this front."
"The Justice Department is sparing no resource to identify and bring to justice anyone anywhere who targets the United States with a ransomware attack," Garland said during a Monday press conference.