Although REvil ransomware may appear and sound unusual, it is a widespread tool used by cybercriminals to target unsuspecting businesses, steal sensitive data, and extort money. Many businesses fear falling victim to a REvil ransomware attack—and for good reason.

So, what is REvil ransomware, exactly? Let’s take a look.

What Is REvil?

REvil Ransomware, also known as Sodinokibi, is a Ransomware strain that infects a computer or network, encrypts files, and demands a payment (or ransom) to unlock them. If the victim fails to pay by the first date, the ransom demand doubles. The ransomware-as-a-service (RaaS) trend includes REvil (short for ransomware evil).

REvil ransomware was likely embedded in a Kaseya update and used the administrative privileges of the platform to infect systems across 22 countries. It appears that around 40 MSPs were targeted. It appears that the attack was launched from Russia. Customers downstream who rely on the MSPs’ services, on the other hand, may suffer. The number of companies whose data has been encrypted could number in the thousands, and the attack is still ongoing.

The perpetrators are believed to have netted over $100 million from their 2020 exploits alone. A majority of ransomware victims do not report attacks or make it public whether they have paid the ransom.

How do you recognise this threat:

REvil, like other ransomware, notifies victims that they must pay a ransom in order to retrieve data that were previously accessible. RaaS ransomware kinds are often spread more extensively than more focused varieties, through phishing emails and infected attachments, as opposed to more targeted varieties.

How to Prevent This Threat:

Protecting against a REvil attack, like other ransomware, represents a holistic approach. Employees should be taught to avoid suspicious links and attachments. Backup your files on a regular basis so that you can restore them if they become encrypted. To detect and stop ransomware before it hits, use a next-generation firewall with real-time security services like sandboxing, machine learning, signature-less defences, and more.

Protecting Yourself from REvil Ransomware:

Do you want to know how to keep yourself and your web assets safe from the REvil ransomware? Here are a few security precautions to remember:

  • Maintain current security solutions and make sure your computers are protected with the most recent fixes for newly found vulnerabilities (like REvil ransomware)
  • To protect your critical data and accounts, use unique passwords and enable two-factor authorization.
  • To generate and track your passwords, use a password manager.
  • Secure network shares
  • Enforce stricter access controls on folders and processes
  • Encrypt your sensitive data wherever possible
  • Back up your data and store backups off-line to avoid being harmed by hackers.
  • Educate and inform your employees/staff on the threats and ways that hackers and groups use to infiltrate organisations electronically.

Stay Protected with Siccura

As deadly as Ransomware is to any business or individual, by being aware of the newest Ransomware trends can go a long way towards securing your data and systems. The only way to truly beat or defend yourself from Ransomware attacks is by getting a control of your data.  Siccura range of solutions protect your data no matter where it is.  The solution locks the data into an unbreakable format that even malware attacks like Ransomware cannot penetrate into. What’s more the solution offers automatic cloud backups, so in the event physical devices get infected by Ransomware, you can be up and running again in no time. For more information, visit