Joe Biden Directs US Intelligence to Investigate Ransomware Attack Against Florida IT Firm
Joe Biden wants to crackdown on ransomware according to statements he made on Friday, after hackers hijacked software from a Miami-based IT supplier called Kaseya. Hundreds of American businesses were affected by the breach as the attackers encrypted the files of some 200 clients. Biden said on Friday that he’s ordered an investigation into the exploited Florida-based IT infrastructure.
Biden Directs US Intelligence Agencies to Look Into the Kaseya Ransomware Attack
Following the Colonial Pipeline ransomware attack, this past week an IT supplier called Kaseya was breached and the company’s software management tool called VSA was exploited. This attack affected a great number of Kaseya clients on Friday and suspicions of Russian gang involvement were sparked by investigators. Huntress, a security company, said that the company believes Russians were involved and blames a gang called Revil. The Revil ransomware gange is suspected of attacking the meatpacking company JBS last month as well.
American president Joe Biden remarked during a public appearance that he had directed U.S. intelligence agencies to investigate the matter and that the U.S. would do something if Russia was found to be behind it. Last month, Biden met with Russian president Vladimir Putin and told the leader that if ransomware attacks continued and were found to be from Russia there would be consequences. However, Biden said “we’re not certain” who was behind the attack on the Florida IT company and added:
The initial thinking was it was not the Russian government but we’re not sure yet.
Kaseya’s chief executive, Fred Voccola, told the press that the company had found the vulnerability and would “release that patch as quickly as possible to get our customers back up and running.” John Hammond, Huntress senior security researcher, said that this single piece of shared software allowed hundreds of companies to get exploited. “This is a colossal and devastating supply chain attack,” Hammond stressed on Friday.
Ransomware Has Pushed the Biden Administration Toward Investigating the Crypto Ecosystem
Biden’s statements follow U.S. Department of State’s undersecretary of state for political affairs Victoria Nuland’s comments about the Colonial Pipeline hack. Speaking of a discussion she had with Salvadoran president Nayib Bukele, Nuland remarked that after the Colonial Pipeline ransomware hack the U.S. State Department was taking a “tough look at bitcoin.”
The U.S.-based energy firm Colonial Pipeline saw its infrastructure fold in May after a ransomware gang exploited the system. Colonial Pipeline then paid the hackers 75 bitcoin (BTC) to get its infrastructure back online. However, in early June, U.S. law enforcement agencies said they recovered a majority of the funds (63.70 BTC) that were meant to go to the ransomware gang members.
Before the Kaseya hack, Biden’s administration had already published a “Memorandum on Establishing the Fight Against Corruption as a Core United States National Security Interest” in the first week of June. Biden’s directive to federal agencies put cryptocurrencies in the spotlight and the administration explains that the directive is meant to bolster national security.
A Kaseya hack response team member said that the breach on Friday sent out a myriad of ransom demands to all the businesses that were infected. Reuters reports that demands for “a few thousand dollars to $5 million or more” were sent to the clients affected by the Kaseya ransomware attack.
What do you think about Joe Biden giving a directive to U.S. intelligence agencies to investigate the Kaseya ransomware hack? Let us know what you think about this subject in the comments section below.