July 4 (UPI) — President Joe Biden said Saturday that he directed intelligence agencies to investigate a ransomware attack that hit hundreds of American businesses as the weekend began.
Huntress Labs, a security company, suspects the attack — which affected software platform Kaseya and many small businesses on Friday — was made by the Russia-linked REvil ransomware gang. The same group was blamed for attacking meatpacker JBS last month by the FBI.
Kaseya confirmed Saturday morning that it suffered a “sophisticated cyberattack” on its VSA software — a set of tools used by Information Technology departments to manage and monitor computers remotely. About 40 percent of its customers had been affected.
The attack was felt internationally and is likely to affect more businesses.
The VSA software is used by large IT companies offering their services to hundreds of small businesses, potentially spreading the hack to thousands of victims.
Combining two tactics deployed by hackers — supply chain attacks and ransomware — the hackers managed to use Kaseya’s VSA platform to get into other companies’ systems and deploy ransomware.
Kaseya told all of its 40,000 customers to disconnect the software immediately.
The attack could be one of the biggest in history and could increase tensions between the United States and Russia.
President Joe Biden and Russian President Vladmir Putin met in Geneva last month, where Biden warned Putin that the U.S. would hold Russia accountable for cyberattacks originating in the country.
On a visit to Michigan on Saturday, Biden was asked about the hack while shopping for pies at the cherry orchard.
“The initial thinking was it was not the Russian government, but we’re not sure yet,” he said.
Biden added that the U.S. would respond if it determined Russia was to blame.