CENTRAL LAKE, MICHAEL MICHAEL MICHAEL MICHAEL MICHAEL MICHA President Joe Biden announced on Saturday (July 3) that he has asked US intelligence services to look into who was behind a sophisticated ransomware attack that affected hundreds of American firms and sparked suspicions of Russian gang participation. The current ransomware attack, according to security firm Huntress Labs, was caused by the Russia-linked REvil ransomware organization. The FBI blamed the same gang for paralyzing meat packer JBS SA last month.
While shopping for pies at a cherry orchard market in Michigan to promote his vaccination program, Biden was asked about the hack.
Biden stated that “we don’t know” who is behind the attack. “At first, we thought it wasn’t the Russian government,” he continued, “but we’re not sure yet.” Biden stated that he has authorized US intelligence services to investigate, and that if they decide that Russia is to responsible, the US will respond. Biden asked Russian President Vladimir Putin to crack down on cyber hackers operating out of Russia during a summit in Geneva on June 16, and warned of dire consequences if ransomware attacks continued to spread.
Biden stated that he would be briefed on the latest attack on Sunday.
“I told Putin we will respond if it is with Russia’s knowledge and/or as a result of Russia,” Biden added, alluding to what he told Putin in Geneva.
The hackers who struck on Friday took control of widely used technology management software from Kaseya, a Miami-based company. They modified a Kaseya product known as VSA, which is used by organizations that manage technology for small businesses. They then encrypted the files of the consumers of those providers at the same time. Huntress claimed it was tracking eight managed service providers who had infected 200 clients.
On Friday, Kaseya said it was looking into a “possible attack” on VSA, which is used by IT professionals to manage servers, workstations, network devices, and printers.
“This is a gigantic and destructive supply chain assault,” Huntress senior security researcher John Hammond wrote in an email, referring to a hacker approach that involves hijacking one piece of software to corrupt hundreds or thousands of people at once.
The US Cybersecurity and Infrastructure Security Agency said in a statement on Friday that it was “taking steps to understand and mitigate the recent supply-chain ransomware threat” against Kaseya’s VSA software.
After the US accused hackers of working for the Russian government and tampering with a network monitoring tool developed by Texas software firm SolarWinds, supply chain threats have risen to the top of the cybersecurity agenda.
Russian agents accused of intervening in the 2016 US presidential election have spent most of the last two years exploiting virtual private networks (VPNs) to target hundreds of organizations throughout the world, according to US and British authorities.
The Russian embassy in Washington refuted the accusation on Friday./n
