Malicious Hacker Behind Kaseya Ransomware Attack Gets 13-Year Sentence

A federal judge has sentenced Yaroslav Vasinskyi, a Ukrainian national, to 13 years and seven months in prison, and ordered to pay over $16 million in restitution for his role in conducting the Kaseya ransomware attack that impacted hundreds of businesses globally.

Vasinskyi previously pleaded guilty in a federal courtroom in Dallas to an 11-count indictment charging him with conspiracy to commit fraud and related activity in connection with computers, damage to protected computers, and conspiracy to commit money laundering. Poland previously had extradited him to the United States. 

Robert Cioffi, CTO and co-founder of New York-based Progressive Computing, one of 60 MSPs hit with ransomware in the Kaseya attack, was at the sentencing.

We previously spoke with him about the devastating impact of this ransomware attack on his business.

Progressive Computing's Robert Cioffi

“He faced 115 years for his crimes, but the judge ordered only [less than] 14,” Cioffi said. “Some may lament, wishing he’d rot for eternity in a jail cell instead. I’m with you. But consider this: It was a massive victory for all of us, the MSP community, countless businesses that we serve and our national interests. It tells the world that although you may be hiding behind protective borders in enemy states, you can still be held accountable for crimes. So kudos to the Department of Justice and the FBI for their unwavering work and professionalism to seek justice. I for one feel a bit relieved knowing a victim can have his say in court and be witness to seeing his attacker pay the price.”

Related:The Gately Report: One MSP's Account of Devastating Ransomware Attack

Kaseya Ransomware Attack Part of Larger Scheme

Prosecutors charged Vasinskyi for his role in conducting more than 2,500 ransomware attacks and demanding more than $700 million in ransom payments.

According to court documents, Vasinskyi, also known as Rabotnik, conducted thousands of ransomware attacks using the ransomware variant known as Sodinokibi/REvil. The co-conspirators demanded payments in cryptocurrency, and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains. To drive their ransom demands higher, Sodinokibi/REvil co-conspirators also publicly exposed their victims’ data when victims would not pay ransom demands.

“Yaroslav Vasinskyi and his co-conspirators hacked into thousands of computers around the world and encrypted them with ransomware,” said Principal Deputy Assistant Attorney General Nicole Argentieri, head of the Justice Department’s criminal division. “Then they demanded over $700 million in ransom payments and threatened to publicly disclose victims’ data if they refused to pay. Although the conspirators attempted to cover their tracks by laundering the payments from victims, Vasinskyi could not hide from law enforcement. Vasinskyi’s sentence today should serve as a reminder to ransomware actors everywhere: we will track you down and bring you to justice.”

Related:Kaseya Ransomware Attack Further Delays VSA Relaunch for Customers