U.S. Software Company Investigates Cyberattack Possibly Linked To Russian Group

A U.S. software company says it is investigating a potential cyberattack that a cybersecurity expert said is a ransomware attack similar to a previous attack attributed to Russian hackers.
The company, Kaseya, in a statement on July 2 urged customers to immediately shut down servers running the affected software and confirmed that it had shut down some of its servers.
Kaseya said the attack was limited to a “small number” of its customers and said it is working closely with a few security firms that notified it of the issue. A cybersecurity researcher with security firm Huntress Labs said Huntress is one of those companies, adding that the criminals used Kaseya’s network management package as a conduit to spread ransomware through cloud service providers. The attack has paralyzed the networks of at least 200 U.S. companies that use Kaseya’s software, according to the researcher, John Hammond. Hammond told the Associated Press that REvil gang, a major Russian-speaking ransomware syndicate, appears to be behind the attack. “Based on everything we are seeing right now, we strongly believe this (is) REvil/Sodinikibi,” Hammond is quoted as saying. The FBI linked REvil to a ransomware attack in May on JBS, a major global meat processer. Ransomware attacks render their victims' data unusable by encrypting it until the victims pay off attackers.

The Cybersecurity and Infrastructure Security Agency (CISA) is closely monitoring this situation and is working with the FBI to gather information about the impact the incident, the agency said in an e-mail to RFE/RL.
"We encourage all who might be affected to employ the recommended mitigations and for users to follow Kaseya's guidance to shut down VSA servers immediately," said Eric Goldstein, executive assistant director for cybersecurity at the Department of Homeland Security. VSA is the company's flagship offering and is designed to let companies manage networks of computers and printers from a single point. CISA and the U.S. National Security Agency (NSA), however, posted an advisory on July 1 detailing how U.S. and British security agencies have exposed “brute force” methods they say have been used by the Russian military-intelligence agency known as the GRU to conduct malicious cyberactivities against hundreds of government and private organizations. The advisory described cyberattacks carried out by operatives of the GRU, which has been accused of involvement in attempts to disrupt U.S. presidential elections in 2016 and 2020, the hack in 2015 of the German Bundestag, and attacks on Ukraine's power grid, and many others.
“The advisory warns system administrators that exploitation is almost certainly ongoing. Targets have been global, but primarily focused on the United States and Europe,” CISA said.
U.S. President Joe Biden raised cybersecurity during his summit last month with Russian President Vladimir Putin. He said he told Putin that certain types of critical infrastructure should be off limits to cyberattacks. Biden said he and Putin agreed to further discussions on those types of attacks and on the pursuit of criminals carrying out ransomware attacks. Prior to the ransomware attack on JBS, a similar attack on Colonial Pipeline, one of the largest pipeline operators in the United States, forced the shutdown of fuel supplies to much of the East Coast for nearly a week. The U.S. Justice Department later said it had recovered most of the bitcoin ransom paid to the suspected Russia-based Darkside cybercriminal group behind the attack on Colonial Pipeline.

With reporting by AP and AFP

Radio Free Europe

RFE/RL journalists report the news in 22 countries where a free press is banned by the government or not fully established, including Iran, Afghanistan, Pakistan, and Russia.

https://www.rferl.org/

Related news
Gutfeld: AOC hasn't lived enough to be that arrogant in her wisdom.

Gutfeld: AOC hasn't lived enough to be that arrogant in her wisdom.

Fox News host calls out the 'looney left' and their radical agenda on 'The Five.' #FoxNews #TheFive Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: FOX News Channel (FNC) is a 24-hour all-encompassing news service de...

Comedian Kathy Griffin Shares She Needs Surgery For Lung Cancer.

Comedian Kathy Griffin Shares She Needs Surgery For Lung Cancer.

Comedian Kathy Griffin revealed on social media that she will undergo surgery for lung cancer. Griffin said doctors are optimistic the cancer is only stage one and contained to her left lung.  » Subscribe to NBC News: » Watch more NBC video: NBC N...

Leo Terrell blasts Olympic athlete for protesting national anthem.

Leo Terrell blasts Olympic athlete for protesting national anthem.

Fox News contributor Leo Terrell sounds off on US Olympian who turned her back on the national anthem Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: News Channel (FNC) is a 24-hour all-encompassing news service deli...

Trump grapples with maintaining political relevancy.

Trump grapples with maintaining political relevancy.

Former President Trump has been working to maintain leadership in the Republican Party since his defeat in the 2020 election. However, over the past few weeks, he's seen several political fires pop up, including two big developments from the Justi...

U.S. Sees 100,000 New Covid Cases In Single Day

U.S. Sees 100,000 New Covid Cases In Single Day

The U.S. has surpassed last summer’s average for new cases as the delta variant fills ICUs. This comes as the White House confirmed 70 percent of adults are at least partially vaccinated.  » Subscribe to NBC News: » Watch more NBC video: NBC News ...

Tim Pool 'can't believe' people are falling for these narratives.

Tim Pool 'can't believe' people are falling for these narratives.

'Timcast IRL' host calls out escalating violence across the country and how Democrats are using the pandemic as a scapegoat. #FoxNews #FoxNewsPrimetime Subscribe to Fox News! Watch more Fox News Video: Watch Fox News Channel Live: FOX News Channel...