Scale, details of ransomware attack emerge
BOSTON — Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit.
An affiliate of the notorious Ravil gang, best known for extorting
$11 million from the meat-processor JBS after a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said. They reported ransom demands of up to $5 million.
The FBI said in a statement Sunday that it was investigating the attack along with the federal Cybersecurity and Infrastructure Security Agency, though “the scale of this incident may make it so that we are unable to respond to each victim individually.”
President Joe Biden suggested Saturday the U.S. would respond if it was determined that the Kremlin is at all involved. He said he had asked the intelligence community for a “deep dive” on what happened.
The attack comes less than a month after Biden pressed Russian President Vladimir Putin to stop providing safe haven to Revil and other ransomware gangs.
A broad array of businesses and public agencies were hit by the latest attack — apparently on all continents — though few large companies, the cybersecurity firm Sophos reported. Ransomware criminals break into networks and sow malware that cripples networks by scrambling all their data. Victims get a decoder key when they pay up.
The Revil hacker group was also behind a criminal data breach against University Medical Center in mid-june that the Las Vegas hospital reported last week.