- Home
- China
- World
- Asia-Pacific
- Americas
- Europe
- Middle-East and Africa
- Politics
- Business
- Opinions
- Tech & Sci
- Culture
- Sports
- Travel
- Nature
- Picture
- Video
- Live
- TV
- Specials
- Learn Chinese
Share
Copied
U.S. President Joe Biden said on Saturday he has directed the country's intelligence agencies to investigate who was behind a sophisticated ransomware attack that hit hundreds of American businesses and led to suspicions of Russian gang involvement.
Security firm Huntress Labs said on Friday it believed the Russia-linked REvil ransomware gang was to blame for the latest ransomware outbreak. Last month, the FBI blamed the same group for paralyzing meat packer JBS S.A.
However, Russia has denied any involvement in the series of cyberattack incident in the U.S. In a Facebook post on Thursday, the Russian Embassy to the United States wrote, "We hope that the American side will abandon the practice of unfounded accusations and focus on professional work with Russian experts to strengthen international information security, and in this context, on joint efforts to combat cybercrime."
U.S. President Joe Biden speaks at Carpenters Pittsburgh Training Center in Pittsburgh, Pennsylvania, U.S., March 31, 2021. /Reuters
Biden, on a visit to Michigan to promote his vaccination program, was asked about the hack while shopping for pies at a cherry orchard market.
Biden said "we're not certain" who is behind the attack. "The initial thinking was it was not the Russian government but we're not sure yet," he said.
Biden said he had directed U.S. intelligence agencies to investigate, and the United States will respond if they determine Russia is to blame.
The hackers who struck on Friday hijacked widely used technology management software from a Miami-based supplier called Kaseya. They changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers' customers simultaneously.
Kaseya said on its own website on Friday that it was investigating a "potential attack" on VSA, which is used by IT professionals to manage servers, desktops, network devices and printers.
"This is a colossal and devastating supply chain attack," Huntress senior security researcher John Hammond said in an email, referring to an increasingly high profile hacker technique of hijacking one piece of software to compromise hundreds or thousands of users at a time.
(With input from Reuters)
