Kaseya Firmly Denies Paying Ransom for Decryption Tool
After the dust of the REvil ransomware gang attack on Kaseya has mostly settled and the company announced obtaining a universal decryption tool that it handed down to all donwstream victims affected by the attack, one big question remained - how did Kaseya get its hands on the decryptor.
The company has now put an end to speculation and has come forwards with an official statement, denying paying any sort of ransom in order to obtain the decryptor.
The original ransom demand made by REvil was a ludicrous $70 million, but that was allegedly toned down to a slightly less absurd $50 million. There was a lot of speculation online about whether or not Kaseya had paid any form of ransom, after the company announced on July 22 that it had obtained a universal decryption tool from a third party.
Kaseya released another official statement on July 26, informing the public "in no uncertain terms" that there has been no ransom payment - neither direct or indirect through a third-party such as a cyber-insurance firm. The announcement states that the company remained committed to its initial decision "to not negotiate with the criminals".
The formal statement was also aimed at quelling speculation that Kaseya's "continued silence" on the subject of paying any form of ransom might encourage further ransomware attacks.
There is a catch, however. Kaseya did provide the decryption tool to all of its affected customers, but also made them sign a non-disclosure agreement. When contacted by ZDnet and other media, Kaseya and infosec firms involved in the case in some capacity stated they were unable to comment on the NDA.
Similar non-disclosure agreements are not uncommon when it comes to similar cases, but they are also not the usual practice. It would make sense that Kaseya would want to protect the identity of the third party who supplied the decryption tool, but there are some analysts who believe this approach limits the insight the infosec community might gain from the attack.
Naturally, an NDA will also provide Kaseya with a legal shield against further possible lawsuits related to the attack.