20 minutes ago...

Biden orders probe of latest ransomware attack | Reuters

CENTRAL LAKE, Mich., July 3 (Reuters) - President Joe Biden said on Saturday he has directed U.S. intelligence agencies to investigate who was behind a sophisticated ransomware attack that hit hundreds of American businesses and led to suspicions of Russian gang involvement.

Security firm Huntress Labs said on Friday it believed the Russia-linked REvil ransomware gang was to blame for the latest ransomware outbreak. Last month, the FBI blamed the same group for paralyzing meat packer JBS SA .

Biden, on a visit to Michigan to promote his vaccination program, was asked about the hack while shopping for pies at a cherry orchard market.

Biden said "we're not certain" who is behind the attack. "The initial thinking was it was not the Russian government but we're not sure yet," he said.

Biden said he had directed U.S. intelligence agencies to investigate, and the United States will respond if they determine Russia is to blame.

During a summit in Geneva on June 16, Biden urged Russian President Vladimir Putin to crack down on cyber hackers emanating from Russia, and warned of consequences if such ransomware attacks continued to proliferate.

Biden said he would receive a briefing about the latest attack on Sunday.

"If it is either with the knowledge of and/or a consequence of Russia then I told Putin we will respond," Biden said, referring to what he told Putin in Geneva.

The hackers who struck on Friday hijacked widely used technology management software from a Miami-based supplier called Kaseya. They changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers' customers simultaneously.

Huntress said it was tracking eight managed service providers that had been used to infect some 200 clients.

Kaseya said on its own website on Friday that it was investigating a "potential attack" on VSA, which is used by IT professionals to manage servers, desktops, network devices and printers.

"This is a colossal and devastating supply chain attack," Huntress senior security researcher John Hammond said in an email, referring to an increasingly high profile hacker technique of hijacking one piece of software to compromise hundreds or thousands of users at a time.

In a statement on Friday, the U.S. Cybersecurity and Infrastructure Security Agency said it was "taking action to understand and address the recent supply-chain ransomware attack" against Kaseya's VSA product.

Supply chain attacks have crept to the top of the cybersecurity agenda after the United States accused hackers of operating at the Russian government's direction and tampering with a network monitoring tool built by Texas software firm SolarWinds.

On Thursday, U.S. and British authorities said Russian spies accused of interfering in the 2016 U.S. presidential election have spent much of the past two years abusing virtual private networks (VPNs) to target hundreds of organizations worldwide.

On Friday, Russia's embassy in Washington denied that charge.

  • 01100011101001111100 [she/her]
    ·
    3 years ago

    All you have to do is pay your IT department decently, upgrade your equipment, and train any staff on common phishing etc. attacks. That's it.

    BuT WHaT abOUt mY pROfITS? Well, what about em? You making more money after a bunch of ransomware attacks?

    These business owners desperately want to offload cyber security to the federal government. Good luck, the feds cut budgets too - everybody everywhere is on a skeletal crew with no budget and ancient equipment. Maybe dip into your profit line. Or dont, I actually prefer you morons to keep getting owned by hackers.

  • SorosFootSoldier [he/him, they/them]
    ·
    edit-2
    3 years ago

    Why do these Russian ransomware gangs have such lame circa 2003 hacker names. DARKSIDE, REVIL, THOR'S HAMMER, XXX_THA_CHOSEN_ONES_XXX

    • inshallah2 [none/use name]
      hexagon
      ·
      3 years ago

      Maybe the names sound cool in Russian (and look cool in Cyrillic?) but something gets lost in transliteration.

        • inshallah2 [none/use name]
          hexagon
          ·
          3 years ago

          I just googled. I wonder if translation is a common problem. To me "Honker Union" sounds like a ultra-cheapie Hooters knockoff...

          Honker Union

          Honker (simplified Chinese: 红客; traditional Chinese: 紅客; pinyin: hóngkè) or red hacker is a group known for hacktivism, mainly present in China. Literally the name means "Red Guest", as compared to the usual Chinese transliteration of hacker (黑客, hēikè, literally Black Guest as in black hat).

    • Glass [he/him,they/them]
      ·
      edit-2
      3 years ago

      I find 2003 lameness endearing because the idea of coolness was evolving so rapidly that being very cool became a knife's edge walk and for a while, cool and lame became less "two sides of a coin" and more of coexisting elements. See: the Blade movies.

  • Lil_Revolitionary [she/her,they/them]
    ·
    3 years ago

    I think we should retaliate harshly against Russia, while also retaliating harshly against China, and Iran, and Venezuela and North Korea and...

  • comi [he/him]
    ·
    edit-2
    3 years ago

    Hackers using vpn? These cannot be, we should outlaw vpn - usa in 5 years

    • inshallah2 [none/use name]
      hexagon
      ·
      3 years ago

      I use a vpn. Holy shit - I'm a hacker!

      I can't wait for the money to roll in. Has an untraceable bank account in the Cayman Islands been made for me? Or do I have to do that myself?

      • comi [he/him]
        ·
        3 years ago

        :solidarity: you see they are abusing vpn, to conceal their russianness. Hackers from usa? Russians using vpn. So you may not be a hacker, but you are russian

        • inshallah2 [none/use name]
          hexagon
          ·
          3 years ago

          So you may not be a hacker, but you are russian

          Oh, man. I'm not sad if I'm Vlad but I thought hacking was always included.

  • Glass [he/him,they/them]
    ·
    3 years ago

    Wouldn't be surprised if this was some secret army shit being done to justify some bullshit political move against Russia