Ransomware rocks US firms
A massive cyberattack affecting hundreds of US companies is being investigated at the highest levels.
A ransomware attack paralysed the networks of at least 200 US companies late last week. It has since been linked to the REvil gang - a Russian-speaking ransomware syndicate.
The attack appears to have targeted a software supplier called Kaseya. This allowed it access to a network-management package that was used as a conduit to spread ransomware through cloud-service providers.
It is in line with REvil’s ransomware-as-a-service scheme, in which it sells network-paralysing software to so-called affiliates who infect targets and take in the bulk of the ransom.
In this case, hackers were able to change a Kaseya tool used by companies to manage technology for smaller businesses. They encrypted the files of those providers' customers and demanded payment for their restoration.
While the attack was aimed at US firms, its effects have been felt around the world. In Sweden, supermarket chain Coop had to close more than half of its stores due to outages linked to the attack, having lost control of its checkouts after a subcontractor was hacked.
US President Joe Biden says he has directed US intelligence agencies to investigate.