Could the ransomware crisis require action against Russia?

Meanwhile, the Kremlin is constantly confronting international hackers, throwing accusations at other countries around the world, refusing to acknowledge that there is a problem and refusing to help.

On May 11, shortly after Biden’s statement, for example, Kremlin spokesman Dmitry Preskov publicly denied Russian involvement. Instead, he criticized the United States for “refusing to cooperate in any way with us to deal with cyber threats.”

The calculation for Russia is difficult to clearly measure, but some variables are striking: Ransomware attacks destabilize Moscow’s opponents and transfer wealth to Moscow’s friends, all without negative consequences.

Now observers are wondering if higher events like the closure of the pipeline will change the math.

“The question for the U.S. and the West is,‘ How willing are you if the Russians will cooperate? ’” Says James Lewis, an expert on scientific security, at the Center for Strategic and International Research. “What the West did not want to do is to take force against Russia. How to establish consequences when people disregard agreed international standards? “

“I think we need to put pressure on Russia to start dealing with cybercriminals,” Alperovich argued. “Not only are they directly responsible for the colonials, there are many groups that have been carrying out ransomware attacks, financial fraud and the like for two decades. “At least they have been completely obstructive, they have not helped with the investigation, they have not made any arrests, they have not taken responsibility. We must at least demand that they take action.”

There are many examples of cybercriminals who are very confused with Russian intelligence. It caused a huge 2014 hack against Yahoo charges Against Russian intelligence officials and cybercriminals. Hacker Evgeniy Bogachev, one of the most prolific bank hackers in the world, has been bound To Russian espionage. And in the rare cases where hackers are arrested and extradited, Russia blames the US. “kidnapping“Citizens: Americans say it’s the Kremlin to protect preventing criminals from investigating and arresting him.

Bogachev, for example, has been accused by the U.S. of creating a criminal network of hackers responsible for stealing hundreds of millions of dollars from bank hacks. Russia’s current location in the southern resort town is no secret, especially since the Americans initially cooperated with the investigation against it but eventually the Russian authorities refused to accept the deal. Like many of his contemporaries, he is unavailable for Moscow’s protection.

To be clear: there is no one who directed the Moscow Colonial Pipeline hack. What security and intelligence experts argue is that the Russian government is at the heart of the crisis of tolerance and ransomware that occasionally has a direct relationship with cybercriminals. Letting a criminal economy grow out of control makes it almost inevitable to hit the targets of critical infrastructure like hospitals and pipelines. The reward is high and the risk so far is low, so the problem grows.

What are the options?

A few days before the pipe was hacked, a “Ransomware Fighting” milestone report published by the Institute of Security and Technology. Gathered by a special working group of government, academia, and representatives of the largest companies in the American technology industry, it was one of the most comprehensive work ever done on the problem. The main recommendation was to build a coordinated process to prioritize ransomware defense throughout the U.S. government; The next stage, he argued, should be an international effort to address the billions of ransomware problem.

“The previous administration didn’t think this issue was a priority,” says Phil Reiner, who directed the report. “They didn’t take coordinated action. In fact, this previous administration was completely uncoordinated in cybersecurity. It’s not surprising that they haven’t come together, that they haven’t done the process between this organization to deal with it, they haven’t done anything. “

Nowadays, the standard menu of options for responding to hacking incidents in America involves sending malicious notes or individual accusations, passing state sanctions and offensive cyber actions against ransomware groups.