White House Press Secretary Jen Psaki says that the US will take action against cybercriminal groups from Russia if the Russian government refuses to do so.


white house usa news ransomware attacks hack russia conflict keseya it company Press Secretary Jen Psaki says that US take action against cybercriminal groups from Russian government refuses

Psaki added that the recent REvil ransomware attack on Florida-based IT company someone did not yet attribute Kaseya to anyone, specifically not to the Russian government. She also said that high-level US and Russian officials will meet again next week to address the recent attacks that have targeted US organizations this year.

"We have undertaken expert-level talks that are continuing. We expect to have another meeting next week focused on ransomware attacks,"

As the President made clear to President Putin when they met, if the Russian government cannot or will not take action against criminal actors living in Russia, we will take action or reserve the right to take action on our own.

"Now, in this case, the intelligence community has not yet attributed the attack. The cybersecurity community agrees that REvil operates out of Russia with affiliates around the world."

G7 (Group of 7) leaders also asked Russia last month ransomware gangs believed to be operating within its borders after the seemingly endless stream of attacks targeting organizations from critical sectors worldwide.

Earlier today, Kaseya said that the supply chain ransomware attack coordinated by the REvil ransomware group "had limited impact" as it hit fewer than 60 managed service providers (MSPs) using its VSA remote monitoring and management software.

REvil claims to have encrypted over 1,000,000 systems in this large-scale supply chain attack and, after initially demanding $70 million, it is now asking for $50 million for a universal decrypt.

The company said the attackers compromised up to 1,500 downstream businesses and "this attack was never a threat nor affected critical infrastructure," even though CISA considers the Information Technology Sector as a critical infrastructure sector.

"The attack had limited impact, with only approximately 50 of them over 35,000 Kaseya customers being breached,"

Kaseya said.

"Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised."

Kaseya's CEO also added that

 "this highly sophisticated attack has proven to be, thankfully, overstated."

CISA and the FBI have shared guidance for victims of this attack, and the White House National Security Council is urging victims to report incidents and follow the guidance issued by Kaseya.