The US press secretary Jen Psaki says the US will take action against Russian cybercriminal groups if Russia refuses to cooperate with the US.
The White House stated that it would hold another meeting with Russian officials next week to discuss the increasing number of ransomware attacks.
“We have undertaken expert level talks that are continuing. We expect to have another meeting next week focused on ransomware attacks,” the White House Press Secretary stated during a briefing on the Biden administration’s policy agenda.
“As the President made clear to President Putin when they met, if the Russian government cannot or will not take action against criminal actors residing in Russia, we will take action or reserve the right to take action on our own.
The US State Department’s spokeswoman said that the REvil ransomware attack that affected a Florida-based company was not yet attributed to Russia.
“Now, in this case, the intelligence community has not yet attributed the attack. The cybersecurity community agrees that REvil operates out of Russia with affiliates around the world.”
The leaders of the G7 countries asked Russia to step up its efforts to prevent the spread of ransomware gangs operating within its borders.
According to Kaseya, the supply-chain ransomware attack that affected almost 60 managed service providers had “had limited impact” and hit only a fraction of its downstream customers that were using its VSA remote monitoring software. Whereas, REvil claimed to have over a million systems encrypted in its massive supply-chain attack. It is now asking for $50 million to a universal decryptor.
In total, the attackers compromised about 1,500 downstream businesses. The incident was never considered a threat to critical infrastructure, according to Kaseya.
“The attack had limited impact, with only approximately 50 of the more than 35,000 Kaseya customers being breached,” Kaseya said. “Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised.”