WASHINGTON, D.C. – The White House announced on Tuesday that ransomware attacks on US businesses, such as the recent one centered on Florida IT firm Kaseya, will be discussed in a meeting of senior US and Russian officials next week. “We foresee a meeting focusing on ransomware attacks next week,” spokeswoman Jen Psaki told reporters.
On Friday, ransomware encrypted the data of hundreds of small businesses throughout the world, including several in the United States. Kaseya, on the other hand, declared in a statement on Tuesday that they were never a threat to key US infrastructure. The cyberattack was the latest in a string of intrusions by hackers who make a living by holding companies’ data hostage in exchange for digital currency payments. Although cybercrime has been around for a long time, it has recently become much more prevalent, with an attack on the Colonial Pipeline in May causing a disruption in U.S. gasoline supply all down the East Coast. On Wednesday, Biden will meet with officials from the Justice Department, State Department, Department of Homeland Security, and the intelligence community to discuss ransomware and US attempts to combat it, according to Psaki.
In the United States, the breach that hit Kaseya’s clients – many of whom are back office IT companies known as managed service providers – did not have the same impact as the ransoming of Colonial Pipeline.
The disruption was more severe elsewhere.
Many of Coop’s 800 grocery stores in Sweden are still recovering from the attack, which took out most of the chain’s supermarkets, however a spokesman told Reuters that “we currently have more open stores than closed ones.”
Eleven schools and many kindergartens in New Zealand were affected.
On Tuesday, Germany’s cybersecurity agency, BSI, said it was aware of three IT service providers in the country that had been hacked, with a representative estimated that hundreds of organizations had been hit in total.
“There are no incidents in Germany that are as well-known as the one in Sweden,” the official stated.
In private contacts with a cybersecurity expert and Reuters, the hackers who claimed responsibility for the attack sought US$70 million to recover all of the impacted organizations’ data, though they indicated a readiness to lower their demands.
(Raphael Satter contributed reporting; Douglas Busvine in Frankfurt and Johan Ahlander in Stockholm also contributed.) Kirsten Donovan, Alistair Bell, and Sonya Hepinstall edited the piece.)/n
