WASHINGTON – Three weeks after warning Vladimir Putin to crack down on criminal hackers attacking the U.S. from Russia, President Joe Biden is under pressure to respond to a Russia-based hacking group’s responsibility for the so-called largest ransomware attack in history .
White House officials said they never believed Biden’s demand on Putin would have immediate effect and that they would give six months to see if cyberattacks from inside Russia had subsided. But a massive ransomware attack on Friday, apparently from Russia, messed up this calculation.
The attack, which according to private researchers was carried out by REvil, a group of Russian-speaking hackers believed to be operating in the country, hit hundreds of American companies and more than a thousand in up to 30 countries, experts say.
REvil has asked for $ 70 million to release the companies’ data after a cyberattack, which experts believe was particularly devious, that spread malware by adopting the software of trusted IT companies in a way that it did before was mainly used by state intelligence agencies.
The weekend before REvil took charge, Biden told his intelligence services weren’t sure yet the attack came from Russia. Should that prove to be true, he said: “I told Putin we would answer.”
Biden said he would know more on Sunday but no statement would be made on Sunday or Monday. On Tuesday, the White House and the director of National Intelligence did not respond to NBC’s questions about who was responsible and what Biden could do.
“What President Biden can, and I expect, will do, is for Russia to honor its commitments and prevent its territory from being used for these criminal acts,” said Senator Mark Warner, D.-Va., Chairman of the Intelligence Committee of the Senate in a statement to NBC News. “If Putin wants Russia to become a productive member of the international community, he could certainly arrest these criminals in Russia and try them or try them elsewhere.”
Warner pointed out that an international agreement which Russia has acceded states that states will not allow cybercriminals to use their territories.
“This is the time when President Biden has to pick up the phone and call Vladimir Putin and tell them enough is enough,” said cybersecurity expert Dmitri Alperovitch, chairman of the Silverado Policy Accelerator.
It is clear, he said, that Biden’s warning to Putin “has not yet had any effect. We don’t know if that’s because the news didn’t get there, President Putin decided to ignore it. Or maybe he just hadn’t feeling that this “shouldn’t be a top priority issue. Maybe he thought this would be settled over time and through negotiation. But we don’t have time here. We have to act. Now. We have to demand that.” those people responsible for this particular hack “arrested, the key will be handed over to the companies that need to decrypt their data.”
Previously, White House officials downplayed expectations about the warning.
“We did not set the measure with an oral promise from Vladimir Putin that Russian criminals would stop hacking,” said National Security Advisor Jake Sullivan on June 18. “We have determined the measure whether attacks against our critical infrastructures will actually return from Russia in the next 6 to 12 months.”
The most recent cyberattack coincided with a new national security strategy released by the Kremlin on Saturday, which, according to published translations, takes a confrontational tone towards the US and the West.
The 44-page document states that increasing pressure from Western countries poses a threat to Russian society. according to the German news agency Deutsche Welle.
“The ‘westernization’ of culture increases the risk that the Russian Federation will lose its cultural sovereignty,” says the new strategy.
The document adds that Russian “traditional spiritual, moral and cultural-historical values ââare actively attacked by the US and its allies” and that Russia “considers it legitimate to take symmetrical and asymmetrical measures” to “act unfriendly” by foreign companies prevent states.
Asymmetrical measures include the tolerance of cybercrime against the West within Russia, experts say.
“Traditionally, these criminals in Russia have largely operated with impunity unless they target Russian companies,” Alperovitch said. âThe Russian law enforcement agencies either left them alone or, worse, recruited them to work for the state as part of their intelligence apparatus to continue attacks on the West. So at least you get protection, and that has to stop. “.”