WASHINGTON – According to a cybersecurity researcher whose company responded to the incident, a ransomware attack crippled the networks of at least 200 US companies on Friday.
The REvil gang, a large Russian-speaking ransomware syndicate, appears to be behind the attack, said John Hammond of security firm Huntress Labs. He said the criminals targeted a software company called Kaseya and used its network management package as a channel to spread the ransomware through cloud service providers. Other researchers agreed with Hammond’s assessment.
“Kaseya is serving large businesses to small businesses worldwide, so (this) ultimately has the potential to expand to businesses of any size or scale,” Hammond said in a direct message on Twitter. “This is a colossal and devastating attack on the supply chain.”
Such cyberattacks usually infiltrate widespread software and, if updated, spread malware …