About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.
Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.
Kaseya said in a statement on its own website that it was investigating a "potential attack".
Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.
The US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack.
The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.
"This is a colossal and devastating supply chain attack," Huntress Labs' senior security researcher John Hammond said in an email to Reuters news agency.
At a summit in Geneva last month, US President Joe Biden said he told Russian President Vladimir Putin he had a responsibility to rein in such cyber-attacks.
Mr Biden said he gave Mr Putin a list of 16 critical infrastructure sectors, from energy to water, that should not be subject to hacking.
REvil - also known as Sodinokibi - is one of the most prolific and profitable cyber-criminal groups in the world.
The gang was blamed by the FBI for a hack in May that paralysed operations at JBS - the world's largest meat supplier.
The group sometimes threatens to post stolen documents on its website - known as the "Happy Blog" - if victims don't comply with its demands.
REvil was also linked to a co-ordinated attack on nearly two dozen local governments in Texas in 2019.
0 Comments