The clean energy company Invenergy said on Friday that it had been hacked but that it did “not intend to pay any ransom”, after one of the world’s most notorious ransomware gangs threatened to leak embarrassing details about its billionaire chief executive.
The Chicago-based private company, best known for building large wind and solar farms, said that it had “investigated unauthorised activity on some of its information systems” and was complying with all laws that require disclosure of data breaches.
Invenergy said that its operations had not been impacted by the attack, adding: “Invenergy has not paid and does not intend to pay any ransom”.
The admission came after Russia-linked REvil, among the most prolific criminal ransomware hacking cartels, claimed on its dark web site that it had compromised the company, downloading 4 terabytes of data including information on projects and contracts, according to screenshots seen by the FT.
It also claimed that it had “very personal and spicy” information about the company’s chief executive Michael Polsky. According to the hackers, this includes the energy magnate’s personal emails, compromising pictures, and details about his divorce from his first wife Maya Polsky. Invenergy did not comment on the claims.
Mr Polsky amassed a $1.5bn fortune by building electricity companies after emigrating to the US from Soviet Ukraine in 1976 with $500, according to Forbes. In 2007, a judge ruled that Ms Polsky should be awarded half her husband’s cash and assets at the time — around $180m — in what was then one of the most expensive divorces in history.
The Invenergy incident comes amid the growing scourge of cybercriminal activity, which has included ransomware attacks, in which hackers seize data and only release it when a ransom is paid, potentially crippling a victim’s business, as in the recent hack of the Colonial pipeline in the US.
REvil’s victims in recent months have included the Taiwanese Apple supplier Quanta, and the FBI has also accused the group of being behind last week’s attack on meatpacker JBS.
Recently, ransomware groups have started threatening to leak data as further leverage to pressure targets to pay up. Many operate “leak sites” on the dark web where they publish threats to their targets and later publish stolen data if those targets refuse to pay.
Some hacking groups claim to have fully moved to an exfiltration-only model known as “extortionware”, relying solely on the threat of reputational damage to win payment, usually in cryptocurrency.
Invenergy said that “no data was encrypted” by its attackers, suggesting that REvil either opted not to encrypt the company’s data and disrupt its business, or an encryption attempt failed.
“Threat groups are . . . increasingly using any embarrassing information they obtain as leverage against executives who may be in a position to influence the decision as to whether or not the demand is paid,” said Brett Callow, threat analyst at cyber security group Emsisoft.
“Unfortunately, it’s a strategy that likely works. Even [if] the claims are false, some companies may be willing to pay simply to make an embarrassing situation go away.”