(FiveNation.com)- It was just a few weeks ago that President Joe Biden sat down with Russian President Vladimir Putin and gave him a list of 16 US sectors that Biden said were off limits to cyberattacks.
Biden says he gave Putin a list of 16 things that are off limits for cyber attacks on critical infrastructure. pic.twitter.com/ijyQX4LU2l
— Jennifer Jacobs (@JenniferJJacobs) June 16, 2021
Well, either President Biden is deeply naïve to think Putin would listen. Or Russian hackers are now targeting sectors not included on Joe Biden’s silly list.
Last Friday, at least 200 American companies were targeted in yet another ransomware attack carried out by the Russian ransomware syndicate REvil.
REvil was also behind the attack against beef processor JBS a month earlier.
According to John Hammond of Huntress Labs security firm, REvil targeted software supplier Kaseya’s network-management package as a conduit to spread its ransomware through cloud service providers. Kaseya handles both large and small businesses throughout the globe.
“This is a colossal and devastating supply chain attack,” Hammond said.
At this time, it is still unclear just how many Kaseya customers have been affected in this ransomware attack. In a statement on its website, Kaseya said the attack was limited to only a “small number,” but it urged all of its customers to immediately shut down servers running its software.
Ransomware expert Brett Callow from the cybersecurity firm Emsisoft said that he was not aware of any previous ransomware supply-chain attack of this scale. While there have been others in the past, they were fairly minor compared to this one.
In a statement late Friday, the federal Cybersecurity and Infrastructure Security Agency said it was monitoring the situation closely and working with the FBI to collect more information about the impact of this massive ransomware attack. It also urged Kaseya users to follow the company’s guidance and shut down servers running its software.
Kaseya, a Dublin-based company with US headquarters in Miami, recently told the Miami Herald that it planned to hire as many as 500 workers by 2022 to staff a recently-acquired cybersecurity platform.
The average ransom payment REvil received last year was about half a million dollars. But given the sheer number of victims in this one ransomware attack, cybersecurity experts predict that it will be difficult for REvil to handle all the ransom negotiations involved.