5.9k Share this
Joe Biden has warned that the US will retaliate if it finds out Russia was behind the mass cyberattack that hit at least 200 firms in the run-up to July 4 weekend.
The president told reporters Saturday that it is not yet clear who is behind the latest cybersecurity breach to strike American businesses but insisted that he ‘will respond’ if it is tied to Russian President Vladimir Putin.
‘We’re not sure who it is,’ he said while he celebrated the start of July 4 weekend at a cherry farm in Central Lake, Michigan.
‘The initial thinking was it was not the Russian government but we’re not sure yet.’
He added: ‘If it is either with the knowledge of and/or a consequence of Russia, then I told Putin we will respond.’
The warning comes after the two leaders met at the Geneva Summit last month, where Biden warned Putin there would be consequences if ransomware attacks continued to hit the US from Russia.
In recent months, the nation’s critical infrastructure has come under attack from hackers thought to be based in Russia, with one of the biggest fuel carriers and one of the biggest meat suppliers each shuttered for days following breaches.
Joe Biden warned that the US will retaliate if it finds out Russia was behind the mass cyberattack that hit at least 200 firms in the run-up to July 4 weekend. Biden speaking at a cherry farm in Central Lake, Michigan Saturday
The warning comes after the two leaders met at the Geneva Summit last month, where Biden warned Putin there would be consequences if ransomware attacks continued to hit the US from Russia
Biden said Saturday he had not spoken with Putin since the latest breach or since their meeting in Geneva.
He said he should know more about the latest attack Sunday when he is briefed by US intelligence officials.
‘I directed the full resources of the government to assist in the response if needed,’ he said.
‘I directed the intelligence community to give me a deep dive on what’s happened. I’ll know better tomorrow.’
The US Cybersecurity and Infrastructure Security Agency (CISA) said Friday it was ‘taking action to understand and address the recent supply-chain ransomware attack.’
Around 200 US businesses were impacted by the ‘colossal’ cyber attack Friday, paralyzing their computer networks.
The hackers first targeted Florida-based IT company Kaseya before spreading to other firms that use the company’s software.
The breach was discovered Friday afternoon as many businesses had already closed or waved goodbye to employees for the long Independence Day weekend.
Among those thought to be affected is Synnex Corp. – one of the vendors of the Republican National Committee (RNC), reported Bloomberg.
A spokesman said Microsoft had alerted the RMC that Synnex ‘may have been expose’ but said there was ‘no indication’ the RNC fell victim to an attack or had sensitive information stolen.
Biden (in a farm store on Saturday) told reporters Saturday that it is not yet clear who is behind the latest cybersecurity breach to strike American businesses but insisted that he ‘will respond’ if it is tied to Russian President Vladimir Putin
Security firm Huntress said Friday it believed the Russia-linked REvil ransomware gang was to blame.
Last month, the FBI blamed the same group for paralyzing US meat packer JBS.
The hackers who struck Friday hijacked widely used technology management software from Kaseya then changed a Kaseya tool called VSA.
VSA is used by IT professionals to manage technology including servers, desktops, network devices and printers at smaller businesses.
The cybercriminals then encrypted the files of those providers’ customers simultaneously.
Huntress said it was tracking eight managed service providers that had been used to infect some 200 clients.
Huntress senior security researcher John Hammond described the incident as ‘a colossal and devastating supply chain attack.’
Security firm Huntress said Friday it believed the Russia-linked REvil ransomware gang was to blame for the latest attack. Last month, the FBI blamed the same group for paralyzing US meat packer JB
JBS, the nation’s largest meat supplier, learned of an attack on May 30 after finding ‘irregularities’ on its servers and a ransom note.
This forced the supplier to shut down its computer servers, suspending meat production systems at its US plants for four days.
This came just weeks after Colonial Pipeline fell victim to an attack that forced the carrier of 45 percent of fuel to the East Coast to shut down its entire network and sparked a fuel crisis nationwide.
The attack forced the pipeline offline on May 7, halting 2.5 million barrels per day of fuel shipments along the line running from Texas to New Jersey.
In recent months, the nation’s critical infrastructure has come under attack from hackers. Colonial Pipeline fell victim to an attack that forced the carrier of 45 percent of fuel to the East Coast to shut down its entire network and sparked a fuel crisis nationwide
It sparked concerns of a national fuel crisis with thousands of gas stations running out of fuel and motorists racing to fill up their cars, pushing the national average price of gas past $3 for the first time since 2014.
The FBI named DarkSide as the perpetrator of the attack. DarkSide is a criminal cybergroup believed to be based in Russia or Eastern Europe with ties to Russia.
Officials said the hack was the most disruptive cyberattack on energy infrastructure in American history.
Biden met with Putin two weeks after the JBC attack at a summit in Geneva, Switzerland, on June 16.
At the meeting he urged the Russian president to crack down on cyber hackers emanating from Russia, and warned of consequences if such attacks continued.
However, tensions have continued to mount since then with the US and British authorities on Thursday saying Russian spies accused of interfering in the 2016 US presidential election spent the past two years abusing virtual private networks (VPNs) to target hundreds of organizations worldwide.
Russia’s embassy in Washington denied the allegations Friday.
Source: dailymail
