The attacker is facing over 13 years in prison.
In July 2021, Kaseya, a Miami-based IT and security management company, faced a massive cyberattack. The attack was conducted by exploiting a vulnerability in a software package that Kaseya developed and used by thousands of other companies.
Once Kaseya discovered the attack, they worked quickly to patch the vulnerability but were unable to prevent the bug from infecting their Virtual System Administrator, a remote monitoring and management software.
In total, approximately 1,000 companies experienced downtime. “Our global teams are working around the clock to get our customers back up and running,” said Fred Voccola at the time, the CEO of Kaseya, “We understand that every second they are shut down, it impacts their livelihood, which is why we’re working feverishly to get this resolved.”
Russian-based ransomware gang REvil ultimately took credit for the attack, claiming to have encrypted more than one million systems. The gang demanded a $70 million ransom payment to release the decryptor.
President Joe Biden communicated with Russian President Vladimir Putin, demanding he hold the gang accountable. Soon after, the REvil website vanished and Kaseya was given a decryption tool from an unnamed party.
Now, over 3 years later, the saga is finally coming to a close.
Yaroslav Vasinskyi, a Ukrainian national accused of leading the attack, has been sentenced in the United States to 13 years and seven months of prison time. He was allegedly involved in more than 2,500 ransomware attacks. He pled guilty in 2022.
On top of jail time, Vasinskyi must pay $16 million in restitution.
While Vasinskyi did not work alone, his alleged co-conspirator, Russian national Yevgeniy Polyanin, remains at large.
“Yaroslav Vasinskyi and his co-conspirators hacked into thousands of computers around the world and encrypted them with ransomware,” said Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Justice Department’s Criminal Division.
“Although the conspirators attempted to cover their tracks by laundering the payments from victims, Vasinskyi could not hide from law enforcement. Vasinsky’s sentence today should serve as a reminder to ransomware actors everywhere: we will track you down and bring to you to justice,” she added.
The Kaseya cyberattack was a major incident, impacting at least a thousand healthcare organizations that used its software. Tracking down Vasinskyi was also an international effort; he was ultimately detained in Poland and extradited to the United States for his trial.
Unfortunately, many cyberattacks are conducted from outside the US, which can lead to complications when it comes to holding individuals accountable or even tracking them down. However, with significant effort and pressure, it is possible to find and charge cybercriminals.
Related: HIPAA Compliant Email: The Definitive Guide