Biden Warns Putin to Act Towards Russian Ransomware Group

0
106

The call on Friday came just three weeks after the onslaught of ransomware attacks dominated their first Geneva summit. Immediately after the meeting, Mr Biden said he had told the Russian President that he would react “in a cyber way” against Russia if Mr Putin failed to crack down on groups operating on his territory.

But that three-hour meeting was largely a general discussion of the subject and an attempt to convince Putin that the presence of criminal cyber groups on Russian networks was also not in Moscow’s interest. By calling right after REvil’s most recent attack, he was essentially establishing a test of Putin’s readiness to act. But Mr Biden declined to say whether the United States had requested specific action against anyone it believed was part of REvil.

While the United States and Russia have long argued over government-sponsored attacks – including the SolarWinds espionage operation of Russia’s elite secret service SVR or the hacking of the Democratic National Committee by Russian military intelligence and the posting of embarrassing emails in 2016 – are ransomware attacks of a different nature. Government officials fear that if not addressed, they could paralyze key sectors of the US economy. And they suspect that the Russian authorities tolerate the groups – and sometimes use their talent pool for secret services and other cyber operations.

The White House blamed a Russian ransomware group called DarkSide for the attack on the Colonial Pipeline, which stopped gasoline and jet fuel shipments on the east coast this spring. REvil is believed to have been behind the attack on one of the country’s largest meat processors, JBS, which temporarily halted production in late May. The company paid REvil $ 11 million in cryptocurrency.

Updated

July 9, 2021, 6:36 p.m. ET

But REvil’s attack on July 4 was an escalation, officials said, not only because of its timing after the Geneva Summit, but because the attack was unusually advanced in technology and scope. Rather than targeting one company directly, REvil broke through a Florida tech company that has high-level access to tech companies that serve thousands of other companies. Had the Kaseya company not quickly intercepted the attack, the effects could have been disastrous, officials and cybersecurity experts say.

Mr Biden’s challenge to Mr Putin could be a major test of credibility in the coming weeks – and further escalate a Cold War-like series of confrontations between the United States and Russia now taking place in cyberspace rather than over the Berlin Wall.

Until recently, the United States has largely treated ransomware as a criminal problem, indicting leading actors if they could identify it. Few have ever seen the inside of an American courtroom.