Could the ransomware crisis impose measures against Russia?

Meanwhile, the Kremlin routinely fiercely resists international efforts to subdue the hackers, simply throwing accusations at the rest of the world – refusing to acknowledge there is a problem, and refusing to help.

On May 11, for example, shortly after Biden’s statement, Kremlin spokesman Dmitry Preskov publicly denied Russia’s involvement. Instead, he criticized the United States for “refusing to cooperate with us in any way to confront cyber threats.”

Russia’s calculations are hard to gauge clearly, but there are some surprising variables: ransomware attacks destabilize Moscow’s opponents, transfer wealth to Moscow’s friends – all without much of the negative consequences.

Observers are now wondering whether high-profile incidents like the pipeline shutdown will change the math.

“The question for the United States and the West is, how willing would you do it to the Russians if they were to become uncooperative?” Says James Lewis, a cybersecurity expert at the Center for Strategic and International Studies. What the West was unwilling to do was take strong action against Russia. How are consequences imposed when people ignore agreed international standards? “

“I think we need to pressure Russia to start dealing with cybercriminals,” says Alperovic. “Not only those directly responsible for Colonial, but the entire group of groups that have been carrying out ransomware attacks, financial fraud and the like for two decades. Not only has Russia not done so, it has vehemently objected when we demand the arrest of individuals and have come forward. Full evidence to Russian law enforcement authorities, and they did nothing. They were totally obstructed at least, they are not helping investigations, they are not making arrests, they are not holding people accountable at a minimum, we need to ask them to take action. “

“Russia has completely obstructed, at least, it is not helping investigations, it does not conduct arrests, and it does not hold people accountable.”

Dmitry Alberovich, Silverado Policy Accelerator

There are many examples of cyber criminals heavily involved with KGB. Resulted from the massive 2014 hack against Yahoo shipment Against Russian intelligence officers and criminal conspirators. The hacker was Yevgeny Pugachev, who was once the most widespread hacker in the world linked For Russian espionage. On the rare occasion when pirates are arrested and extradited, Russia accuses the United States of “KidnappingCitizens: Americans respond that the Kremlin is protection Its criminals by preventing investigation and arrest.

Pugachev, for example, was accused by the United States of creating a criminal piracy network responsible for stealing hundreds of millions of dollars in bank breaches. His current location in a resort in southern Russia is no secret, at least to Russian authorities who initially cooperated with the US-led investigation against him but eventually backed away from the deal. Like many of his contemporaries, he is out of reach due to Moscow’s protection.

To be clear: there is no evidence that Moscow directed the colonial pipeline breach. What security and intelligence experts argue is that the Russian government’s long-standing tolerance of cybercriminals – and the occasional direct relationship with them – is at the heart of the ransomware crisis. Allowing a criminal economy to grow unchecked makes it nearly inevitable that critical infrastructure targets like hospitals and pipelines are hit. But the reward is high and the stakes so far low, so the problem increases.

What are the options?

A few days before the pipeline was breached, one of the highlights was “anti-ransomware”. Report It is published by the Institute for Security and Technology. Compiled by a special task force that included government, academia, and representatives of the largest US technology industry companies, it was one of the most comprehensive works ever produced on the problem. Its main recommendation was to build a coordinated process to prioritize defense against ransomware across the entire US government; She argued that the next stage will require a truly international effort to fight the billions in ransomware problem.

“The previous administration didn’t think this problem was a priority,” says Phil Rayner, who led the report. They did not take concerted action. In fact, that previous administration was completely uncoordinated on cybersecurity. It is not surprising that they did not put together an interagency process to address this, and they did not do it for anything. “

Today, the US standard list of options for responding to piracy incidents ranges from submitting a bad note or individual indictments, to nationwide sanctions and offensive cyber actions against ransomware packages.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button