Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Biden Pressured to Act on ‘Russian’ Ransomware, Hacking

Top US officials met at the White House on stopping ransomware Wednesday, as pressure mounted on President Joe Biden to take action against Russia over cyberattacks.

Top US officials met at the White House on stopping ransomware Wednesday, as pressure mounted on President Joe Biden to take action against Russia over cyberattacks.

Days after hundreds of companies in the US and around 1,500 worldwide saw their computer systems hijacked by allegedly Russia-based ransomware group REvil, there were calls for tough counterattacks by the Pentagon’s cyber warriors and more sanctions on Moscow.

The White House meeting, including officials from the State Department, Homeland Security, Justice Department and intelligence, also followed news that alleged Russian hackers had attempted to break into the systems of the Republican Party’s national committee.

After the meeting, Biden told reporters he would “deliver” his own message to Russian President Vladimir Putin on the issue, without offering any details.

White House spokeswoman Jen Psaki said the meeting Wednesday was on a “whole-of-government effort to address ransomware attacks.”

“The president has a range of options should he determine to take action” against attackers, she added.

– Calls for more sanctions –

Psaki would not say what steps Biden is considering.

But three weeks after he raised the ransomware issue in direct talks with Putin at a Geneva summit, there were more calls for the US leader to retaliate.

In a Washington Post opinion piece Wednesday, cybersecurity expert Dmitri Alperovitch and Wilson Center Russia expert Matthew Rojansky urged Biden to sanction Russian oil and gas companies, a top source of Moscow’s finances.

“Before such devastating ransomware attacks become a routine occurrence, President Biden must deliver a quiet but forceful demand: Russian President Vladimir Putin must put an immediate stop to this activity or Washington will tighten the squeeze of sanctions on the Russian economy,” they wrote.

A group of House Republicans said in a statement that continued cyber-attacks make it clear Putin has “brushed off” Biden’s warnings.

“Putin won’t stop these criminals unless he knows he’ll face real and severe consequences if he doesn’t,” they said.

Clint Watts, a counter-terror and intelligence specialist at the Foreign Policy Research Institute, called the REvil attack a “deliberate provocation” coming so soon after the Biden-Putin summit and said more sanctions would not deter Russia.

He argued for tougher action, such as remotely sabotaging the computer systems of the hackers, trying to shut down bitcoin and other virtual currencies that make ransomware possible, or physically nabbing the hackers if they travel outside Russia.

“The Russians are going to continue to push until they see what America will defend. And America has chosen for more than a decade not to defend, just to levy more sanctions,” Watkins told AFP.

“They are abusing the current system and we’re not deterring them in any way.”

– $70 million demand –

Psaki said senior White House national security staff had communicated their concern to high-level Russian officials.

And US and Russian cybersecurity officials are scheduled to meet next week on the ransomware problem.

But the most recent REvil attack suggested Moscow has not taken action to reign in cyber criminals.

On Wednesday on their “Happy Blog” on the dark web, REvil continued to release private data of companies whose computers they took over to pressure them to pay ransom.

The group has also offered to publicly release the key for unlocking all of the companies’ data in return for a single payment of $70 million.

Asked about retaliating, Psaki said officials are still cautious about attributing blame for the most recent attacks, and were not saying the Russian government was directly responsible.

Pentagon spokesman John Kirby said Tuesday they would not talk about the specific capabilities or actions of their Cyber Command, which can undertake offensive and retaliatory attacks online.

“We are all mindful of these growing threats to national security as well as to civilian infrastructure,” Kirby said.

“We believe… a US response to those threats has got to be whole-of-government” and not just a military responsibility, he added.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.