WASHINGTON – US warnings to Russian President Vladimir Putin to protect cybercriminals hiding in Russia have had little effect, according to top US law enforcement and cyber officials.
“There is no indication that the Russian government has acted against ransomware actors operating in the permissive environments they create,” Paul Abbett, deputy director of the Federal Bureau of Investigation, said in an intelligence report on Tuesday. are doing.” Summit just outside Washington.
“We have sought help and cooperation with people we know are in Russia, who have allegations against us, and we have seen no action,” Abbett said. “So, I’d say nothing has changed in that regard.”
US President Joe Biden has twice called on the Russian leader to take action against cybercriminals operating out of Russia – first at a summit in Geneva in June and again in a phone call a month later.
“I made it very clear to him that the United States expects that when there is a ransomware operation coming out of its soil, even if it is not state-sponsored, we expect that if we give them enough information to take action. So who is that,” Biden told reporters after the July phone call.
Since the initial talks, senior White House officials have noted a decrease in ransomware attacks, although they have been hesitant to attribute any action by Moscow to the change.
“The current absence of criminal activity should not be confused with concerted policing,” US National Cyber Director Chris Inglis told the audience later on Tuesday.
“There is still a monetary incentive and possibly a geopolitical incentive to allow it to come back,” he said, emphasizing against calls by the US to go on the offensive.
“There’s a feeling that we could probably fire some cyber bullets and find a way out of it. It would be useful in some circumstances if we have a clear shot at a cyber attacker and it can take them offline,” Inglis said. . “It’s not going to affect the leadership that allows this to happen.”
“We have to figure out what matters to Putin and the oligarchs and how we change their decision calculations,” he said.
The Kremlin has repeatedly denied any role in a series of ransomware and cyber attacks against US companies and infrastructure.
And after the Biden-Putin call in July, it issued a statement endorsing cooperation on cybersecurity, calling such efforts “permanent, professional and apolitical, and conducted through specialized communication channels.” … and in relation to international law.”
New: Discussion w/#Russia Feather #cyber Continue, According to Deputy National Security Advisor for Cyber Anne Neuberger@potus “Looking for action” she says, adding the US should also focus “whatever we can do to close its digital doors”.
— Jeff Seldin (@jseldin) 2 September 2021
The US blamed Russia or Russian-based cyber actors for a series of high-profile hacks and ransomware attacks, including the December 2020 hack of US-based software management company SolarWinds and the May 7 ransomware attack against Colonial Pipeline. Largest fuel pipeline operator in America
US officials have blamed the GRU for targeting the Democratic National Committee during the 2016 election and for helping pharmaceutical companies develop vaccines against the coronavirus.
Asked on Tuesday whether the US has reached a point where it is ready to take action against Russia, the commander of the US Cyber Command deferred to the White House.
“It is clearly for the president to decide,” said CyberCom general Paul Nakasone. “But those options will certainly be provided for their consideration.”
Granthshala’s Masood Farivar contributed to this report.