Meanwhile, the Kremlin has consistently resisted international efforts to bring in hackers, dismissing accusations around the world – refusing to recognize that there is a problem, and refusing to help.
On May 11, for example, shortly after Biden’s statement, Kremlin spokesman Dmitry Peskov publicly denied that Russia was involved. However, he criticized the United States for “refusing to cooperate with us in any way to overcome cyber threats.”
The calculus for Russia is hard to measure clearly, but a few variables can be alarming: the ransomware attack terrified Moscow’s enemies and transferred wealth to Moscow’s friends, all with no bad consequence.
Now observers are wondering if high-profile incidents like pipeline closures can change the math.
“The question for the U.S. and the West is, ‘How much would you be willing to do with the Russians if they didn’t cooperate?’” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. “What the West doesn’t want to do is take drastic action against Russia. How are you going to impose the consequences if people don’t care about conforming to international norms?”
“I think we need to force Russia to start dealing with cybercriminals,” Alperovitch argues. “Not only were those directly responsible for the Colonial, but the total assassination of groups carrying out ransomware attacks, financial fraud, etc. for two decades. Not only has that not been done in Russia, they strongly objected if we asked for the arrest of individuals and provided full evidence to Russian law enforcement, they did nothing. All of them completely obstructed, could not assist in investigations, did not arrest, did not respond people. At a minimum, we need to warn them to act.”
There are many examples of cybercriminals being involved with Russian intelligence. The severe 2014 hack of Yahoo resulted in a case against Russian intelligence officers and cybercriminal accomplices. Hacker Evgeniy Bogachev, once the world’s most prolific bank hacker, has become involved in Russian intelligence. And on the rare occasion when hackers were arrested and taken out, Russia accused the U.S. of “kidnapping” its citizens; Americans object that the Kremlin is protecting its own criminals by withholding investigation and arrest.
For example, Bogachev has been charged in the United States with creating a criminal hacking network responsible for stealing hundreds of millions of dollars from bank hacks. His current location in a resort town in southern Russia is no secret, especially since Russian authorities initially cooperated with the American-led investigation against him but later rejected the deal. Like most of his contemporaries, he could not be reached because of Moscow’s protection.
To be clear: there is no evidence that Moscow ordered the hack of the Colonial Pipeline. What security and intelligence experts say is that the Russian government’s long-standing sanction of, and occasional direct contact with, cybercriminals is at the center of the ransomware crisis. Allowing a criminal economy to thrive unchecked causes it to almost inevitably hit critical infrastructure targets such as hospitals and pipelines. But the rewards are high and the risk so far is small, so the problem is growing.
What are the options?
Just days before the pipeline was hacked, a landmark “Combating Ransomware” report was published by the Institute for Security and Technology. Assembled by a special task force comprised of government, academia, and representatives of the largest companies in America’s technology industry, it is one of the most comprehensive actions ever taken on the problem. Its main recommendation is to establish a coordinated process to prioritize ransomware defense throughout the U.S. government; the next phase, it argues, will require a truly international effort to combat the problem of thousands of ransomware.
“The previous administration didn’t think this problem was a priority,” said Phil Reiner, who led the report. “They didn’t take coordination action. Actually, that previous administration had completely no coordination on cybersecurity. It’s not surprising that they didn’t unite, they didn’t put together an interagency process to address it, they didn’t do that for whatever.”
Today, America’s standard menu of options for responding to hacking incidents ranges from sending bad notes or individual accusations to state-level penalties and offensive cyber action against ransomware groups.