US calls on Russia to do more to crack down on ransomware groups ahead of White House meeting with allies

The US government has “shared information with Russia regarding criminal ransomware activity being conducted from its territory,” said the official, who spoke on the condition of anonymity under ground rules that the White House set for the call.

“We’ve seen some steps by the Russian government and are looking to see follow-up actions,” said the official, who declined to say what those steps and actions were.

A spokesperson for the Russian Embassy in Washington did not respond to a request for comment.

Biden in June urged Russian President Vladimir Putin to crack down on Russian-speaking hackers after a string of ransomware attacks cost US companies millions of dollars. One such incident forced Colonial Pipeline, which provides some 45% of fuel for the East Coast, to shut down operations for days in May.

The disruptions have placed cybersecurity, and ransomware in particular, high on the list of national security priorities for the White House.

Senior government officials from the US and 30 allied countries will meet virtually Wednesday and Thursday to forge closer cooperation in the fight against ransomware, which has knocked computers offline at health care centers in multiple countries during the coronavirus pandemic.

Australia, France, Germany and the United Kingdom are among the countries that will be represented at the meetings, according to the White House. The discussions will focus on efforts to prosecute and disrupt ransomware groups and on dealing with the role of cryptocurrency in funding ransomware attacks, among other issues.

Russia will be conspicuously absent from the meetings as the White House tries to make progress in bilateral talks with Moscow.

Since the Biden-Putin meeting, US officials have watched closely for changes in behavior from the Russian government and for any change in the pace of cybercriminal operations emanating from Russia.

Mandiant, a US cybersecurity firm that responds to ransomware incidents, has reported a lull in activity from some ransomware groups. But whether any reduction in ransomware attacks endures remains to be seen.
Biden administration ramps up efforts to secure American infrastructure from Russian and Chinese cyberattacks

A spokesperson for Recorded Future, another cybersecurity firm, told CNN that the firm has been tracking a “Russian-based ransomware group that currently has over 100 members” and is “actively recruiting new cybercriminals.”

Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, said last week that she had not seen “significant, material changes” in Russian behavior since the tete-a-tete between Biden and Putin.

Cybersecurity analysts say one of the most effective ways to combat ransomware is to arrest the people who develop and deploy the computer-locking software. While Russian cooperation has been elusive, the US has leaned heavily on allies in Europe in raids against some criminal groups.

The FBI and European enforcement agencies last month arrested two people in Ukraine who allegedly had made multimillion-dollar ransom demands following hacks of European and US organizations.

Timo Koster, a former Dutch diplomat focused on cybersecurity, said he expects countries like the US and the Netherlands to encourage other governments to take more assertive actions against cybercriminal groups.

“More international cooperation is needed” in coordinating how countries attribute cyberattacks to specific actors and on responses from law enforcement and security agencies, Koster told CNN.





Source link

Leave a comment