US calls on Russia to do more to crack down on ransomware groups ahead of White House meeting with allies

The US government has “shared information with Russia regarding criminal ransomware activity carried out from within its territory,” said the official, who spoke on condition of anonymity under ground rules set by the White House for the call.

“We have seen some measures from the Russian government and we are looking to see follow-up actions,” said the official, who declined to say what those measures and actions were.

A spokesperson for the Russian Embassy in Washington did not respond to a request for comment.

Biden in june urged Russian President Vladimir Putin to crack down on Russian-speaking hackers after a series of ransomware attacks cost U.S. companies millions of dollars. One such incident forced Colonial Pipeline, which supplies about 45 percent of the east coast’s fuel, to shut down operations for several days in May.

The disruption has put cybersecurity, and ransomware in particular, high on the White House’s national security priority list.

Senior government officials from the United States and 30 allied countries will meet virtually Wednesday and Thursday to forge closer cooperation in the fight against ransomware, which has taken computers offline in health centers in several countries during the pandemic of coronavirus.

Australia, France, Germany and the UK are among the countries that will be represented at the meetings, according to the White House. Discussions will focus on efforts to prosecute and disrupt ransomware groups and the role of cryptocurrency in funding ransomware attacks, among other issues.

Russia will clearly be absent from meetings as the White House tries to advance bilateral talks with Moscow.

Since the Biden-Putin meeting, US officials have been closely monitoring changes in Russian government behavior and any changes in the pace of cybercrime operations emanating from Russia.

Mandiant, an American cybersecurity company that responds to ransomware incidents, reported a lull in the activity of some ransomware groups. But it remains to be seen whether a reduction in ransomware attacks continues.
Biden administration steps up efforts to secure U.S. infrastructure against Russian and Chinese cyberattacks

A spokesperson for Recorded Future, another cybersecurity firm, told CNN that the company was tracking a “Russian-based ransomware group that currently has over 100 members” and “is actively recruiting new cybercriminals.”

Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, said last week that she had not seen “significant and material changes” in Russian behavior since the one-on-one between Biden and Putin.

Cyber ​​security analysts say one of the most effective ways to fight ransomware is to stop the people who develop and deploy computer locking software. While Russian cooperation has been elusive, the United States has relied heavily on allies in Europe in raids against certain criminal groups.

The FBI and the European enforcement agencies last month arrested two people in Ukraine who allegedly made multi-million dollar ransom demands following hacks of European and American organizations.

Timo Koster, a former Dutch cybersecurity diplomat, said he expects countries like the United States and the Netherlands to encourage other governments to take stronger action against cybercrime groups.

“More international cooperation is needed” to coordinate how countries attribute cyber attacks to specific actors and on responses from law enforcement and security agencies, Koster told CNN.

Source Link

Please follow and like us: