US may take action against Russian ransomware attackers

White House press secretary Jen Psaki said that if Russia does not take action against Russian cybercriminals, the United States will act accordingly.

Since the beginning of this year, the United States has been subjected to several serious cyber attacks. In May, Sol Oriens, an American nuclear weapons contractor, was attacked by the REvil ransomware virus, and business data and employee information were stolen. In June, a hacker attack on JBS, the world’s largest meat supplier, forced its U.S. factories to shut down. On July 2, the REvil ransomware gang launched a supply chain attack using a vulnerability in the Kaseya remote management software in the United States, affecting more than 1,000 enterprises and extorting about $70 million worth of bitcoin ransoms.

On July 6, White House press secretary Jen Psaki said that if Russia does not take action against Russian cybercriminal organizations, the United States will take action accordingly. Top U.S. and Russian officials will start talks next week to address cyberattacks against the U.S. this year, particularly ransomware attacks, Jen Psaki said. When U.S. President Biden and Russian President Vladimir Putin met before, they pointed out that if the Russian government cannot or does not take action against cybercriminals located in Russia, then the United States will take measures or reserve the right to take measures.

At present, intelligence agencies have not yet determined the attribution of the attack, but the intelligence agencies have determined that the operators of the REvil ransomware are not in Russia.

Last month, G7 leaders also asked the Russian government to crack down on a ransomware team based in Russia that is known to have launched attacks on companies in key sectors around the world.

On July 6, Kaseya said that the REvil ransomware group’s supply chain ransomware attack had a very limited impact, as it only attacked less than 60 managed service providers (MSPs) using VSA remote monitoring and management software, affecting only about 35,000 Kaseya 50 of customers. Additionally, the attack will no longer be a threat and will not impact critical infrastructure.

After the attack, both CISA and the FBI issued guidelines for victims of the attack, and the White House National Security Council went to victims to report the incident and followed the guidelines issued by Kaseya.

The Links:   6DI100AH-050 2MBI450U4E-120

Author: Yoyokuo