Biden Warns Putin to Take Action Against Russian Ransomware Group


Friday’s call comes just three weeks after ransomware attacks dominated the first summit in Geneva. Immediately after that meeting, Mr. Biden said he told the Russian president that he would respond “cyberically” against Russia if Mr Putin did not take action against groups operating on its territory.

But this three-hour meeting was largely a general discussion of the issue and an effort to convince Mr. Putin that the presence of criminal cybergroups on Russian networks was not in Moscow’s interest either. By calling right after REvil’s last attack, he was actually testing Mr. Putin’s will to act. But Mr Biden declined to say whether the United States had requested specific action against people he believed were part of REvil.

While the United States and Russia have long fought against state-sponsored attacks, including Russia’s elite SVR intelligence agency’s SolarWinds espionage operation or the Russian military intelligence agency’s hacking of the Democratic National Committee and releasing embarrassing emails in 2016, the ransom software attacks are of different nature. Administration officials fear they could cripple key sectors of the US economy if they are not addressed. And they suspect that Russian officials tolerate the groups and sometimes dive into their talent pools for intelligence and other cyber operations.

The White House has blamed a Russian ransomware group called DarkSide for the attack on the Colonial Pipeline, which halted deliveries of gasoline and jet fuel to the East Coast this spring. REvil is believed to be behind the attack on JBS, one of the country’s largest meat processors, which briefly halted production in late May. The company paid REvil $11 million in cryptocurrency.

But officials said REvil’s offensive on the Fourth of July holiday was an escalation, not just because of its timing after the Geneva summit, but because the attack had progressed unusually technically and was aggressive in scope. Rather than targeting one company directly, REvil breached a Florida tech company with high-level access to tech firms that serve thousands of other companies. The effects could have been disastrous if the Kaseya company had not caught the attack quickly, officials and cybersecurity experts said.

Mr. Biden’s defiance of Mr. Putin could constitute a major test of credibility in the weeks to come and further escalate a series of Cold War-like conflicts between the US and Russia, currently fighting in cyberspace rather than the Berlin Wall.

Until recently, the United States largely treated ransomware as a criminal problem and blamed prominent actors if they could identify it. Few have seen the inside of an American courtroom.


Source link

Leave a Reply

Your email address will not be published. Required fields are marked *