Biden to meet with national security experts on ransomware defense

The latest ransomware attack occurred over the holiday weekend.

July 7, 2021, 9:27 AM

President Joe Biden is slated to meet with national security and government leaders Wednesday to discuss the latest ransomware threat that happened over the holiday weekend.

Kaseya, an information technology and management solutions company, said 50 of its 35,000 clients were affected by a ransomware breach.

"While impacting approximately 50 of Kaseya’s customers, this attack was never a threat nor had any impact to critical infrastructure," the company said in a statement on Tuesday. "Many of Kaseya’s customers are managed service providers, using Kaseya’s technology to manage IT infrastructure for local and small businesses with less than 30 employees, such as dentists’ offices, small accounting offices and local restaurants. Of the approximately 800,000 to 1,000,000 local and small businesses that are managed by Kaseya’s customers, only about 800 to 1,500 have been compromised."

It's unknown who carried out the ransomware attack on Kaseya.

It's not just critical infrastructure being targeted. The Republican National Committee said one of its computer system vendors was breached by criminal cyber activity but insists that no RNC data was accessed.

“Over the weekend, we were informed that Synnex, a third-party provider, had been breached. We immediately blocked all access from Synnex accounts to our cloud environment. Our team worked with Microsoft to conduct a review of our systems and after a thorough investigation, no RNC data was accessed. We will continue to work with Microsoft, as well as federal law enforcement officials on this matter," RNC Chief of Staff Richard Walters said in a statement to ABC News.

The administration has put a renewed focus on cyber threats after a spate of ransomware attacks disrupted supply chains in various sectors, with the majority coming from hackers based in Russia.

"Even if there are criminal actors, even if it's not the Russian government that attacks our critical infrastructure or our country through cyberattacks, we reserve the option to take action if they won't do it on their own," White House press secretary Jen Psaki said on MSNBC Wednesday morning. "The president reserves that option, meeting with some of his national security experts this morning to get an update, to have a discussion about ransomware, and we'll see what we learn from there."

In May, one of the nation's largest pipeline companies, Colonial Pipeline, was hit with a ransomware attack, which prompted the administration to take action.

Biden signed an executive order shortly after the hack, which was aimed at modernizing the federal government's response to cyberattacks by "improving information-sharing between the U.S. government and the private sector on cyber issues," improving detection of hacks into federal systems and creating a "standardized playbook" for how the government responds to attacks, according to the White House.

PHOTO: Trucks are parked outside the JBS meat plant in Plainwell, Michigan, June 2, 2021.
Trucks are parked outside the JBS meat plant in Plainwell, Michigan, June 2, 2021.
Jeff Kowalsky/AFP via Getty Images

In addition to the executive order, the Department of Homeland Security mandated that pipeline companies report cyber breaches to federal authorities within 12 hours. The directive came from the Transportation Security Administration.

Meat supplier JBS has also been hit with a ransomware attack, forcing its meat plants to stop operations for a few days.

Both JBS and Colonial Pipeline paid the ransom to get their systems back online.

“I made the decision to pay, and I made the decision to keep the information about the payment as confidential as possible,” Colonial Pipeline CEO Joesph Blunt told a Senate Committee in June. "It was the hardest decision I made in my 39 years in the energy industry, and I know how critical our pipeline is to the country, and I put the interest of the country first.”

Related Topics