The US government has “shared information with Russia regarding criminal ransomware activity carried out from within its territory,” said the official, who spoke on condition of anonymity under ground rules set by the White House for the call.
“We have seen some measures from the Russian government and we are looking to see follow-up actions,” said the official, who declined to say what those measures and actions were.
A spokesperson for the Russian Embassy in Washington did not respond to a request for comment.
The disruption has put cybersecurity, and ransomware in particular, high on the White House’s national security priority list.
Senior government officials from the United States and 30 allied countries will meet virtually Wednesday and Thursday to forge closer cooperation in the fight against ransomware, which has taken computers offline in health centers in several countries during the pandemic of coronavirus.
Australia, France, Germany and the UK are among the countries that will be represented at the meetings, according to the White House. Discussions will focus on efforts to prosecute and disrupt ransomware groups and the role of cryptocurrency in funding ransomware attacks, among other issues.
Russia will clearly be absent from meetings as the White House tries to advance bilateral talks with Moscow.
Since the Biden-Putin meeting, US officials have been closely monitoring changes in Russian government behavior and any changes in the pace of cybercrime operations emanating from Russia.
A spokesperson for Recorded Future, another cybersecurity firm, told CNN that the company was tracking a “Russian-based ransomware group that currently has over 100 members” and “is actively recruiting new cybercriminals.”
Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, said last week that she had not seen “significant and material changes” in Russian behavior since the one-on-one between Biden and Putin.
Cyber security analysts say one of the most effective ways to fight ransomware is to stop the people who develop and deploy computer locking software. While Russian cooperation has been elusive, the United States has relied heavily on allies in Europe in raids against certain criminal groups.
Timo Koster, a former Dutch cybersecurity diplomat, said he expects countries like the United States and the Netherlands to encourage other governments to take stronger action against cybercrime groups.
“More international cooperation is needed” to coordinate how countries attribute cyber attacks to specific actors and on responses from law enforcement and security agencies, Koster told CNN.