Joe Biden orders probe of latest ransomware attack; Russia-linked REvil ransomware gang under the spotlight
US President Joe Biden said on Saturday he has directed U.S. intelligence agencies to investigate who was behind a sophisticated ransomware attack that hit hundreds of American businesses and led to suspicions of Russian gang involvement.
The hackers who struck on Friday hijacked widely used technology management software from a Miami-based supplier called Kaseya. They changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously.
A massive ransomware attack on the software supply chain has impacted more than 1,000 businesses so far, and the number may continue to grow. The attack has focused on managed service providers, which provide IT services primarily to small- and medium-sized businesses. Such attacks can have a multiplying effect, since the hackers may then gain access and infiltrate the MSPs’ customers too.
On Thursday, U.S. and British authorities said Russian spies accused of interfering in the 2016 U.S. presidential election have spent much of the past two years abusing virtual private networks (VPNs) to target hundreds of organizations worldwide.
On Friday, Russia’s embassy in Washington denied that charge.