Cyber ‘Cold War’
Biden feckless on Russia ransomware
A Russia-linked group that is counted among the cybercriminal world’s most prolific extortionists is suspected of being behind a “colossal” ransomware attack that affected hundreds of companies worldwide — just weeks after President Biden boasted about taking President Vladimir Putin to task on cyberattacks.
In a post on a blog typically used by the REvil cybercrime gang, a group of ransomware hackers appears to have taken responsibility for the cyberattack that hit more than 200 US companies Friday, demanding $70 million in bitcoin for the data to be returned.
“On Friday we launched an attack on [managed service providers]. More than a million systems were infected,” the posting on the dark-Web site Happy Blog said.
The post, written in broken English, requested the staggering price in exchange for the group releasing information to be able to regain access to sites “in less than an hour.”
The blog is frequently used by REvil.
Reps for REvil have declined to comment further to media in the wake of the attack.
Friday’s mass cyberattack — which the cybersecurity firm Huntress Labs has blamed directly on REvil — hit at least 200 companies at the start of the Independence Day weekend.
Swedish grocery stores, schools in New Zealand and two major Dutch Internet-technology firms were among the victims Friday after hackers breached the systems of the US-based software firm Kaseya.
After hitting Kaseya, a Florida-based IT company, the attack spread through the corporate networks that use its software.
Asked about the attack while in Michigan on Saturday, President Biden urged caution as US authorities narrowed down and confirmed the source of the attack.
“We’re not sure it’s the Russians,” he said, adding that he had been briefed on the matter and had instructed the intelligence community to find out more.
“The fact is that I’ve directed the intelligence community to give me a deep dive on what’s happened, and I’ll know better tomorrow,” he said. “And if it is either with the knowledge of and/or a consequence of Russia, then I told Putin we would respond.”
Asked if he had already spoken to the Kremlin, Biden said he had not, as he was waiting for the intelligence community to confirm the information before acting.
He then voiced doubts from those in the intelligence community about Russia being the source of the hack.
“We’re not certain. The initial thinking was it was not the Russian government, but we’re not sure yet.”
Ransomware is a malicious software that locks up a user’s data. Hackers typically demand money, most frequently in untraceable cryptocurrency, to unlock or return the affected data.
Ransomware and other cyberattacks have skyrocketed in recent months.
FBI Director Christopher Wray revealed last month that in the United States alone, the FBI is investigating about 100 different types of ransomware.