Russian Criminal Group Targets Americans Working at Home

Since the pandemic took hold across the world, regular office workers have switched to working from home. According to Symantec, a security service provider in the US, a Russian ransomware group, “Evil Corp”, is targeting employees of major news organizations and large corporations in the US. A report published by the New York Times on June 25, 2020, states that the hackers demand that companies pay millions to regain access to their hacked data. Eric Chien, the technical director of Symantec, is among the engineers who first detected Stuxnet, the US and Israeli code used to destroy Iranian nuclear centrifuges in the last decade. The attack led by the Russian hackers is aimed only at making money for now, but the infrastructure they have deployed could also be used to damage systems and erase all of their data.

The same New York Times report states that officials fear the election infrastructure could be the next target.

A report published by the BBC on June 26, 2020, states that Symantec has described a new type of ransomware called WastedLocker. The ransomware works like a computer virus and demands $500,000 to $1m as a ransom to decrypt files; otherwise, the files will be wiped out. Evil Corp infiltrated the networks of 31 organizations, including ones in the information technology, manufacturing and media sectors. Last year, two leading Evil Corp members, Igor Turashev and Maksim Yakubets, were accused of stealing millions of dollars from organizations in approximately 40 countries. There is a reward of $5m for any information that leads to their arrest, and they are still at large. A key point made by Symantec is that the hackers are laying the groundwork for future ransomware attacks. Eric Chien further said that the hackers are taking advantage of the work-from-home situation. Employees usually use VPNs to connect to the work system. The hackers also use VPNs to identify the company a VPN user works for, and infect the user’s system when the user visits a public website. Later, when the user connects to the work system, the hackers can attack the company’s network.

Cyberattacks led by a random group or by ordinary hackers can usually be dodged easily, and the motive for such attacks is usually money. The nature and sensitivity of this attack indicate that Evil Corp has significant backing, because the evidence points in that direction. Even people discussing the matter on social media are piecing facts together through arguments and shreds of evidence. For instance, on Reddit, a social media platform, a user has expressed the concern that if the attack is state-sponsored, which it seems to be, then it is war, and the US Government has failed to defend or retaliate.

If the issue isn’t sorted out, the consequences will be even more significant, as the attack has already proved to be a starting point for future cyber-attacks.