According to John Hammond, who works for the security firm Huntress Labs, the latest ransomware attack, which crippled the networks of as many as 200 American companies, was caused by the REvil gang.
REvil is a large Russian-speaking ransomware gang, which had targeted a software provider named Kaseya while using its network management package as a channel to spread the ransomware through cloud service providers.
While such cyberattacks typically infiltrate widely used software and then spread malware while it updates itself automatically, ransomware expert at the cybersecurity firm Emsisoft, Brett Callow explained that previous ransomware attacks on supply chains were relatively low compared to the recent attacks on hundreds of companies.
For more information, read the original story in NPR.