A Revil representative under the pseudonym Unknown, claims that the hackers, partners in the use of malware, have access to ballistic missile launch systems.Cybercriminal group REvil operates on the RaaS ransomware-as-a-service business model, in which attackers offer malware to partners who use it to block devices and encrypt organizations’ data.
A REvil spokesperson under the pseudonym Unknown explained, why ransomware can be a devastating weapon in cyber warfare.
According to Unknown, the cybercriminal group is trying to maintain political neutrality.
Ransomware operators avoid attacks on organizations in the CIS countries, including Georgia and Ukraine, mainly because of geopolitics, local legislation, or patriotism of some members of the group. As Unknown noted, very poor countries do not pay the ransom, including India, Pakistan, Afghanistan, etc.
The hacker also said that cyber insurance companies are among the most attractive targets. The group first attacks similar organizations to gain access to their customer base, and then deliberately organizes malicious campaigns against other businesses.
REvil operators do not often resort to DDoS attacks, as calls to victims, their partners and journalists have very good results, increasing the pressure. Publishing the stolen data is usually guaranteed to force the victim to pay the ransom.
Let me remind you that the expert told how he hacked into a nuclear power plant.