Joe Biden isn't being tough enough on Russian President Vladimir Putin, critics claim after a new cyber attack by Kremlin-linked hackers hit up to 1 million companies and demanded $70 million in cryptocurrency to fix it.
The president told his Russian counterpart last month that he would take action against hacking groups that target the U.S., and on Saturday told reporters that he will retaliate against the ransomware attack.
'This marks a serious escalation just weeks after Putin-Biden summit on ransomware,' New York Times cybersecurity reporter Nicole Perlroth tweeted Saturday.
'Not only is this a supply chain attack on MSPs,' she continued, 'they broke in via a zero day, a significant advance for REVil which has traditionally compromised victims through usual means of phishing, etc.'
Biden has instructed the FBI to launch an investigation into the hack, but insists that he and the intelligence community are still 'not sure who' is behind the cyberattack.
In mid-June, Biden held a bilateral meeting in Geneva where he gave Putin a list of 16 critical infrastructure entities that are 'off limits.'
Those entities include energy, water, health care, emergency, chemical, nuclear, communications, government, defense, food, commercial facilities, IT, transportation, dams, manufacturing and financial services.
The most recent REvil hack, which was launched Friday, was aimed at breaching the IT systems of up to 1 million companies and businesses on almost every continent.
'Hard to see this as anything other than Putin tellin' Biden to f*** off,' one journalist wrote on Twitter.
Critics are lashing out at President Joe Biden for not keeping his promise to get tough on Russia over cyberattacks after the most recent hack targeting up to 1 million companies
One journalist wrote that the attack from REvil, which is Russian-linked, is a 'f*** off' to Biden from Putin
Another user said it's time to issue sanctions against Russia for the attack
Author Greg Olear wrote that it's time to retaliate.
'Its time,' he tweeted on Saturday. 'Kick them off the world banking system. Shut off the pipeline. No more appeasement.'
Others slammed President Biden as 'weak' for his slow response to the global cyberattack, which has affected a minimum of 1,000 U.S.-based companies.
House Minority Leader Kevin McCarthy tweeted on Saturday in reference to the bilateral meeting: 'Remember when President Biden gave Putin a list of things that were supposed to be off-limits for cyber attacks?'
'What he SHOULD have said is that ALL American targets are off-limits,' the California Republican continued.
He added: 'Biden is soft on crime and weak against Putin.'
During a trip to Central Lake, Michigan on Saturday, Biden said he would take action against the actors once more is known – casting doubt on whether the attack came from Russia.
House Minority Leader Kevin McCarthy said Biden is 'weak against Putin'. He tweeted: 'Remember when President Biden gave Putin a list of things that were supposed to be off-limits for cyber attacks? What he SHOULD have said is that ALL American targets are off-limits'
'We're not sure who it is,' the president said, while he celebrated the start of July 4 weekend at a cherry farm in the Great Lake State.
'The initial thinking was it was not the Russian government but we're not sure yet,' he continued as he fumbled with a paper in his suit jacket pocket with notes from a briefing on the situation beforehand.
He added: 'If it is either with the knowledge of and/or a consequence of Russia, then I told Putin we will respond.'
Biden said that he would respond more on Sunday, July 4, but did not release anything more on the incident on Independence Day.
The latest hack was the largest ransomware attack on record and affected the IT systems of up to 1 million companies across the world.
Russian-linked hacking group REvil, which breached the systems of U.S.-based software firm Kaseya to conduct its attack, is demanding $70 million in cryptocurrency before they will fix it.
Biden and Putin held bilateral talks in Geneva on June 16 where the U.S. president said he gave his counterpart a list of 16 critical infrastructure entities that are 'off limits', including IT, which was targeted by the REvil hack
Satnam Narang, a researcher at cyber exposure company Tenable, tweeted a screenshot of a blog post the hacking collective had posted on the dark web
Swedish grocery stores, schools in New Zealand, and two major Dutch IT firms were among the victims of the Friday hack.
Kaseya says just a few dozen of its customers were directly affected by the attack, but knock-on effects have brought down firms in 17 countries - with one expert saying the attack is 'unprecedented' in its scale and sophistication.
REvil, which was behind the recent hack of meat processor JBS which saw an $11million ransom paid, has been negotiating ransoms of up to $5million with individual firms - but now says for $70million it will unlock all affected networks.
Joe Biden, who last month warned President Putin to take action against hacking groups targeting the US from Russia, said the FBI is investigating the latest hack and he will take action if Moscow is deemed to be responsible.
Analysts said it is no coincidence that the attack coincided with the July 4 holiday weekend, when companies would be under-staffed and less able to respond.
Ciaran Martin, founder of the UK's National Cyber Security Centre, told Radio 4: 'The scale and sophistication of this global crime is rare, if not unprecedented.
'It is a really serious, global operation.'
Swedish grocery chain Coop was forced to close all 800 of its stores on Sunday and said they would remain shut on Monday after its tills were affected.
The country's national rail operator and public broadcaster SVT were also affected.
In Germany, an unnamed IT services company told authorities several thousand of its customers were compromised.
Also among reported victims were two big Dutch IT services companies - VelzArt and Hoppenbrouwer Techniek.
But most victims are believed to be small to medium-sized firms that are unlikely to publicly announce they have been infected - car dealerships, hair salons and accounting firms, among others.
Some Twitter users used sarcasm to suggest Biden isn't tough enough on Putin
Cybersecurity teams worked feverishly Sunday to stem the impact of the single biggest global ransomware attack on record, with some details emerging about how the Russia-linked gang responsible breached the company whose software was the conduit.
An affiliate of the notorious REvil gang, best known for extorting $11 million from the meat-processor JBS after a Memorial Day attack, infected thousands of victims in at least 17 countries on Friday, largely through firms that remotely manage IT infrastructure for multiple customers, cybersecurity researchers said.
Earlier, the FBI said in a statement that while it was investigating the attack its scale 'may make it so that we are unable to respond to each victim individually.'
Deputy National Security Advisor Anne Neuberger later issued a statement saying President Joe Biden had
