"Companies in the United States have been struck by a 'colossal' cyber-attack."
According to Huntress Labs, the hack started with Kaseya, a Florida-based IT firm, and then spread to other companies that use its software. Kaseya said it was looking into a "potential attack" in a statement posted on its own website. Huntress Labs believes the REvil ransomware organisation, which has ties to Russia, is to blame.
In a statement, the US Cybersecurity and Infrastructure Agency, a federal agency, said it was responding to the attack. The cyber-breach was discovered on Friday afternoon, when most businesses in the United States were closed for the long Fourth of July weekend. One of Kaseya's apps, which manages corporate servers and desktop computers, may have been compromised, according to the company.
Last month, US President Joe Biden claimed he informed Russian President Vladimir Putin that he had a responsibility to stop such cyber-attacks at a summit in Geneva. Mr. Biden said he handed Mr. Putin a list of 16 essential infrastructure areas that should not be hacked, ranging from electricity to water.
REvil, also known as Sodinokibi, is one of the world's most prolific and lucrative cyber-criminal organisations. The FBI blamed the gang for a cyberattack at JBS, the world's largest beef supplier, that paralysed operations in May.
If victims do not comply with the group's requests, the gang has threatened to post stolen documents on its website, dubbed the "Happy Blog."