Biden hints at possible cybersecurity arrangement with Russia over ransomware attacks

Published at: June 16, 2021

United States President Joe Biden implied he made some progress in addressing ransomware attacks on critical infrastructure after speaking with Russian President Vladimir Putin.

Following a Wednesday summit in Geneva, Biden said he had spoken with Putin on the issue of cybersecurity, the U.S. president making it clear his opinion was certain areas of critical infrastructure were off limits for attacks — whether the targets were in Russia or the United States. Biden said the meeting had a positive tone, but he had told Putin “the United States will respond to actions that impair our vital interests or those of our allies.”

“Responsible countries need to take action against criminals who conduct ransomware activities on their territory,” said the U.S. president. “We agreed to task experts in both our countries to work on specific understandings about what’s off limits and to follow up on specific cases that originate in other countries.”

Neither world leader specifically mentioned crypto or digital assets in their respective press conferences, though both referenced the $4.4 million ransom paid to Colonial Pipeline following a cyber attack in May. Putin referred to such funds “paid electronically” rather than naming them as Bitcoin (BTC) or cryptocurrency.

Biden said Putin expressed similar concerns over a potential ransomware attack on pipelines in Russia, adding the two countries would likely have more clarification on their positions within the next 6-12 months:

“We’ll find out whether we’ll have a cybersecurity arrangement that begins to bring some order.”

Rosa Smothers, a former CIA cyber threat analyst and technical intelligence officer, now a senior vice president at security firm KnowBe4, told Cointelegraph that the U.S. government “has a host of capabilities” in addressing ransomware attacks, whether by going after the attackers’ physical servers or their crypto accounts. She added that U.S. officials could come to an understanding with their Russian counterparts depending on the situation.

“In cases where payment servers are located in Russian territory, we could consider providing the Russian government the information needed,” said Smothers.

Related: Biden to discuss crypto’s role in ransomware attacks at G-7, says national security adviser 

As far as preventing future ransomware attacks, in the United States private sector companies are generally in charge of critical infrastructure, according to the former CIA analyst. However, there is some existing legislation in place to address the security of data.

For example, the Sarbanes-Oxley Act, passed in 2002, provides requirements for safeguards to secure financial data. Congress proposed a major piece of legislation on cybersecurity in 2012, but it failed to get the votes needed to pass in the Senate. Similar measures put forth by lawmakers in response to the Colonial Pipeline attack have yet not received a vote.

Tags
Regulation
United States
Russia
Cybersecurity
Ransomware
Ransom
Related Posts
US officials recover $2.3M in crypto from Colonial Pipeline ransom
Officials with a United States government task force have seized more than $2 million in crypto used to pay for ransom following an attack on the Colonial Pipeline system. In a Monday press conference, Deputy Attorney General Lisa Monaco said that the task force “found and recaptured” millions of dollars worth of Bitcoin (BTC) connected to Russia-based DarkSide hackers — the majority of the $4.4 million funds originally paid. A warrant filed with the U.S. District Court for the Northern District of California shows that authorities recovered 63.7 BTC, worth roughly $2.3 million at the time. Monaco said this action …
Regulation / June 7, 2021
US ramps up enforcement actions against global crypto scams
The United States has taken actions against international hackers responsible for the theft of millions of dollars in cryptocurrency. On September 16, the U.S. Department of Justice, U.S. Department of Homeland Security, and the U.S. The Department of the Treasury’s Office of Foreign Assets Control announced it has imposed sanctions on two Russian nationals who used a sophistication phishing campaign to steal at least $16.8 million from the customers of three virtual currency exchanges in 2017 and 2018 — including two based in the United States. The pair, Danil Potekhin and Dmitrii Karasavidi, created multiple websites impersonating legitimate crypto exchanges …
Regulation / Sept. 17, 2020
Celebrities May Have Their Dirty Secrets Exposed if Crypto Ransom Is Unpaid
The REvil ransomware gang says that they will auction over 1TB of data stolen from New York-based entertainment law firm, Grubman Shire Meiselas & Sacks. This data allegedly contains the “dirty” secrets of a number of celebrities. REvil claims that the contents involve sex scandals, drugs, and treachery. Nicki Minaj, LeBron James, and Mariah Carey among the alleged victims In a blog post, the ransomware group says they will begin the auction on July 1, noting that the first round will contain information from Nicki Minaj, Mariah Carey, and LeBron James. The price for each dataset is $600,000. Two days …
Technology / June 24, 2020
Garmin Could Face Sanctions if $10M Ransom is Paid
Garmin, a multinational tech company, has been operating at less than full capacity following a ransomware attack launched by the Russian cybergang, Evil Corp. Garmin is being extorted for a $10 million ransom, to be paid in cryptocurrency. According to a report published by Bleeping Computer, an unidentified Garmin employee confirmed that the WastedLocker ransomware took down the company’s customer support services, navigation solutions, and other aspects of the U.S.-based firm. The leader of the cybercriminal group is a Russian individual named Maksim Yakubets. A known criminal, Yakubets was indicted by the U.S. Department of Justice in 2019. He was …
Technology / July 27, 2020
Enforcement goes on with Bitzlato action — Law Decoded, Jan. 16-23.
The good news of the last week is that Bitcoin (BTC) continued to review, making around 10% up from Jan.16 to Jan. 23. But it has yet to change a worrying trend of crypto companies making headlines due to their troubles with the law. The United States Department of Justice launched a “major international cryptocurrency enforcement action” against China-based crypto firm Bitzlato and arrested its founder, Anatoly Legkodymov. The enforcers consider Bitzlato to be a “primary money laundering concern” connected to Russian illicit finance. While the exchange attracted little attention until the DOJ action, it had received $206 million from …
Regulation / Jan. 23, 2023