Russian hackers seemingly behind latest ransomware attack
A Russian-linked group that is counted among the cybercriminal world’s most prolific extortionists is suspected to be behind a “colossal” ransomware attack that affected hundreds of companies worldwide — just weeks after President Biden boasted about taking President Putin to task on cyberattacks.
In a post on a blog typically used by the Russian-linked
REvil cybercrime gang, a group of ransomware hackers appears to have taken
responsibility for the cyberattack that hit over 200 US companies Friday,
demanding $70 million in bitcoin for the data to be returned.
“On Friday we launched an attack on [managed service providers].
More than a million systems were infected,” the posting on the Dark Web site
Happy Blog explained.
The post, written in broken English, requested the
staggering price in exchange for the group releasing information to be able to
regain access to sites “in less than an hour.”
The blog is frequently used by the REvil group, which is
considered among the world’s most prolific cyber-extortionists.
Reps for REvill have declined to comment further to media
outlets in the wake of the attack.
Friday’s mass cyberattack — which cyber-security firm
Huntress Labs has blamed on the Russia-linked ransomware gang — hit at least
200 companies at the start of the Independence Day weekend.
Swedish grocery stores, schools in New Zealand, and two
major Dutch IT firms were among the victims of REvil, which launched its attack
on Friday after breaching the systems of US-based software firm Kaseya.
After hitting Kaseya, a Florida-based IT company, the attack
then spread through the corporate networks that use its software.
Asked about the attack while in Michigan on Saturday,
President Biden urged caution as US authorities narrowed down and confirmed the
source of the attack.
“We’re not sure it’s the Russians,” he said, adding that he
had been briefed on the matter and had instructed the intelligence community to
find out more.
“The fact is that I’ve directed the intelligence community
to give me a deep dive on what’s happened, and I’ll know better tomorrow. And
if it is either with the knowledge of and/or a consequence of Russia, then I
told Putin we would respond,” he said.
Asked if he had already spoken to the Kremlin, Biden said he
had not, as he was waiting for the intelligence community to confirm the
information before acting.
He then voiced doubts from those in the intelligence
community about Russia being the source of the hack.
“We’re not certain. The initial thinking was it was not the
Russian government, but we’re not sure yet.”
Ransomware is a malicious software that locks up a user’s
data. Hackers typically demand money, most frequently in cryptocurrency, to
unlock or return the affected data.
Ransomware and other cyber attacks have skyrocketed in
recent months, as US foes worldwide — unable to successfully take on America’s
armed forces — turned their attention to our weaker digital defenses.
FBI Director Christopher Wray revealed last month that in
the US alone, the FBI is investigating about 100 different types of ransomware.
His revelation came in the wake of the hack against JBS
Foods in June, the world’s largest meat supplier, and a similar attack on
Colonial Pipeline in May.
REvil was responsible for the JBS hack.
During his summit with Russian President Vladimir Putin last
month, Biden said he addressed Russia’s safe harboring of cybercriminals
responsible for the string of recent attacks.
House Minority Leader Kevin McCarthy (R-Calif.) referenced
that back-and-forth on Twitter Saturday after news of the hack began to
circulate, calling the president “soft on crime and weak against Putin.”
“Remember when President Biden gave Putin a list of things
that were supposed to be off-limits for cyber attacks? What he SHOULD have said
is that ALL American targets are off-limits,” the top-ranking House Republican
wrote on the social media platform.
Comments
Post a Comment