‘Colossal and devastating’ ransomware attack targets hundreds of US businesses, cyber researchers say – RT USA News – .

‘Colossal and devastating’ ransomware attack targets hundreds of US businesses, cyber researchers say – RT USA News – .

    Une attaque de ransomware semble être en cours contre la plate-forme de gestion informatique à distance Kaseya, affectant bon nombre de ses clients, a déclaré l'agence américaine de cybersécurité.  Les chercheurs blâment les mêmes pirates informatiques qui se sont attaqués à l'emballeur de viande JBS.

</p><div><p>L'Agence américaine de cybersécurité et de sécurité des infrastructures (CISA) a déclaré vendredi soir qu'elle était<em> « prendre des mesures pour comprendre et résoudre la récente attaque de ransomware de la chaîne d'approvisionnement contre Kaseya »</em> et les fournisseurs qui utilisent leur logiciel.</p><div class="rtcode"><blockquote class="twitter-tweet lazyload" data-twitter="twitter-tweet"><p lang="en" dir="ltr">Attaque de la chaîne d'approvisionnement de Kaseya, couramment utilisée dans les environnements de fournisseurs de services gérés aux États-Unis, conduisant à un événement de ransomware de masse. Détails dans le lien et le fil au fur et à mesure de leur développement : https://t.co/YStENYMTdW</p>– Kevin Beaumont (@GossiTheDog) <a href="https://twitter.com/GossiTheDog/status/1411045233136177173?ref_src=twsrc%5Etfw">2 juillet 2021</a></blockquote></div><p>Kaseya a mis son service cloud hors ligne.  Il a d'abord déclaré que 200 entreprises étaient affectées, mais a ensuite changé cela en<em> "un petit nombre."</em> Ni la société ni CISA n'ont dit quoi que ce soit sur la façon dont les pirates auraient pu y accéder.

John Hammond of cybersecurity firm Huntress Labs said “Thousands” computers have been affected. “We currently have three Huntress partners who are impacted by around 200 companies that have been encrypted”, he said, calling it a “Colossal and devastating attack on the supply chain”.

Brett Callow, a ransomware expert at Emsisoft, told AP he was not aware of any previous ransomware attacks on the supply chain on this scale, calling him “SolarWinds with ransomware. “

While the US government blamed last year’s SolarWinds breach on Russia – Moscow has denied any involvement, calling the innuendos “Absurd” and “Pathetic” – the Kaseya hack appeared to be the work of REvil, a group that many American researchers have described as “Russian-speaking. “

“Based on everything we are seeing right now, we strongly believe that this (is) REvil / Sodinikibi”, this Hammond.

REvil is a criminal syndicate that the FBI blamed for the May ransomware attack on JBS, the Brazilian meat-packaging conglomerate, which disrupted meat processing and deliveries to the United States, Canada and Australia. JBS admitted on June 10 that it paid a ransom of $ 11 million to hackers in order to restore operations and avoid future disruption.

Also on rt.com
Major U.S. meat processor admits paying $ 11 MILLION in bitcoin ransom to hackers to avoid further disruption

While the White House did not blame Russia for the JBS attack, White House Press Secretary Jen Psaki said that “Responsible states do not host ransomware criminals” after the FBI named REvil as the likely culprit for the violation.

Cyber ​​sleuths also don’t believe the timing of Kaseya’s reported hack was an accident. It came as the United States prepared for a three-day weekend to celebrate Independence Day, and many businesses as well as government agencies were shutting down earlier.

“There is no doubt in my mind that the timing here was intentional”, Jake Williams of Rendition Infosec told AP.

Washington has repeatedly accused Moscow of orchestrating cyber attacks against US infrastructure or “Harboring criminal entities” who do. Last month’s summit between US President Joe Biden and Russian President Vladimir Putin in Geneva highlighted a discussion about hacking.

Also on rt.com
Cyberhack conflict: Russian diplomats claim Moscow is not behind attacks on US targets, but is itself constantly bombarded by Americans

On Friday morning, the Russian Embassy in Washington issued a statement noting that “Constant attacks on critical infrastructure in Russia” come from American soil and expressed the hope that Americans “Abandon the practice of baseless accusations and focus on professional work with Russian experts to strengthen international information security. “

Do you think your friends would be interested? Share this story!


Please enter your comment!
Please enter your name here