Biden Directs US Intelligence Agencies to Investigate Into the Latest Ransomware Attack

The President speaks on the Kaseya software breach, which has impacted hundreds of US companies and forced the closure of Swedish stores.

Joe Biden
U.S. President Joe Biden speaks during a Fourth of July BBQ event to celebrate Independence Day at the South Lawn of the White House Alex Wong/Getty Images

Ransomware Attack Hits Businesses Involving Russian Gang

In a recently published article in The Guadian, Pres. Joe Biden said on Saturday that he has ordered US intelligence agencies to look into a sophisticated ransomware assault that struck hundreds of American companies as the Fourth of July holiday weekend started, raising suspicions of participation by a Russian gang.

Huntress, a security firm, stated on Friday that it believes the REvil ransomware group, which is connected to Russia, is to blame. The FBI accused the same gang last month of crippling the meatpacker JBS.

REvil, which has been active since April 2019, creates network-paralyzing malware and rents it to so-called affiliates who infect targets and collect the majority of the ransoms, according to a recent report from Reuters.

Biden Released a Statement as Who is Behind the Ransomware Attack

Biden was questioned about the hack while shopping for pies at a cherry farm in Michigan. The president said that they do not know who is responsible for the assault. He did add, though, that the first thought was that it was not the Russian government, but they are not sure yet.

Meanwhile, Biden said that he had ordered US intelligence services to investigate and that if it was proven that Russia was at fault, the US would react. Biden asked Vladimir Putin to clamp down on Russian hackers during a meeting in Geneva on June 16 and warned of dire repercussions if ransomware assaults persisted, according to a published article in The Block Crypto.

Furthermore, the hackers who attacked on Friday took control of widely used technology management software from Kaseya, a provider with offices in Dublin and Miami. They altered a program known as VSA, which is used by firms that handle technology for small enterprises, and then encrypted the data of those companies' clients.

Effects of the Ransomware Attack

The ransomware attack was felt all across the world. According to the national broadcaster, the majority of Coop's 800 shops in Sweden were unable to open due to malfunctioning cash registers. A large drugstore chain and state railroads were also impacted.

Huntress senior security researcher John Hammond described the assault as a "colossal and catastrophic supply chain attack," alluding to a growing trend of hijacking one piece of software to corrupt hundreds or thousands of people.

Kaseya's CEO, Fred Voccola, said that the firm thought it had found the cause of the vulnerability and that a fix will be released as soon as possible to get clients back up and running. Fewer than 40 Kaseya customers are known to be impacted, according to Voccola, but the ransomware may harm hundreds of businesses that depend on Kaseya clients.

According to Voccola, the issue only affects "on-premise" clients or companies who operate their own data centers. Kaseya had taken down those servers as a precaution, he added, but it was not impacting cloud-based services operating software for clients.

Tags
Joe Biden, Cyber Attack, Russian
Real Time Analytics