This was the first experience that I went through where we had this high number of victims and

really this broad impact across the state.

Hi and welcome to Cyber reasons Malicious Life B-Sites.

I'm Randall. A year ago in a B-side episode called Ransomware Attacks Don't Take Holidays, we told you the story of

Kasea, an IT Solutions company that was breached on July 2nd, 2021, and its servers were used to spread ransomware to an estimated 800 to 1,500 small to medium-sized businesses.

Kaseya's CEO said at the time that quote we have about 150 people that have slept

probably a grand total of four hours in the last two days literally and that will continue until everything is perfect as can be."

Not a great way to spend the 4th July holiday.

Well, guess what?

If you visit the FBI's Most Wanted Cyber criminals list right now, you'll find there the

roundish serious looking face of Yevgeny Yevgeny-grevich Polyanin, a 30 years old Russian man.

Polyanin probably has a good reason for not smiling in his pictures.

He has a $5 million prize on his head.

Polionin is part of Reevo, the notorious Ransomware group that was responsible, among other things, for Casea's breach.

For this episode, Nate Nelson, our senior producer, spoke with Rich Murray, who leads the

FBI's North Texas Cyber Unit about how the Federal Bureau of Investigations dealt with another attack by

Revel, this time against the Texas government and how they managed to figure out who was behind the attack. Enjoy the interview.

Could you just describe for me the moment that you first heard about the attack that we're going to be talking about today?

Yeah, so I learned about the attack on August 16th, 2019, the same day that it occurred here in the state of Texas.

You know the information that I received was that there was a ransomware attack

that it that had been initiated early that morning around 215 through a common

vector of an IT services vendor which turned out to be a managed service provider.

...