NEW YORK: Just weeks after President Joe Biden implored Vladimir Putin to curb cyber crime, a notorious, Russia-linked ransomware gang has been accused of pulling off an audacious attack on the global software supply chain.

       REvil, the group blamed for the May 30 ransomware attack of meatpacking giant JBS SA, is believed to be behind hacks on at least 20 managed-service providers (MSPs), which provide IT services to small and medium businesses.

       More than 1,000 businesses have already been impacted, a figure that’s expected to grow, according to the cybersecurity firm Huntress Labs Inc.

       “Based on a combination of the service providers reaching out to us for assistance along with the comments we’re seeing in the thread we are tracking on our Reddit, it’s reasonable to think this could potentially be impacting thousands of small businesses,” according to John Hammond, a cybersecurity researcher at Huntress Labs.

       Biden said he had ordered a “deep dive” by US intelligence officials on what happened in the attacks. At this point, he said “we’re not sure” that Russia is behind them.

       “I directed the intelligence community to give me a deep dive on what’s happened and I’ll know better tomorrow (today),” Biden said, recalling that he told Putin during their meeting in June that the United States would respond to cyber transgressions.

       He added that he hasn’t called the Russian president about the latest case. “We’re not sure it’s the Russians,” he said. “The initial thinking was, it was not Russian government, but we’re not sure yet.”

       Attacking MSPs is a particularly devious method of hacking, since it may allow the attackers to then infiltrate their customers as well. Hammond said more than 20 MSPs have been affected so far.

       In Sweden, most of grocery chain Coop’s more than 800 stores couldn’t open on Saturday after the attack led to a malfunction of their cash registers, spokesperson Therese Knapp told Bloomberg News.

       There are victims in 17 countries so far, including the United Kingdom, South Africa, Canada, Argentina, Mexico and Spain, according to Aryeh Goretsky, a distinguished researcher at cybersecurity firm ESET.

       The ransomware attack is the latest in a string of devastating hacks in recent months, making cybersecurity an increasingly pressing national security issue for the Biden administration.

       At a summit on June 16, Biden warned Russian President Putin that 16 types of critical infrastructure – including food and agriculture, emergency services and healthcare – were off limits to future attacks.

       It’s not yet known if the US victims of the latest ransomware attack fell within those sectors. — Bloomberg