This article was originally published by Radio Free Europe/Radio Liberty and is reprinted with permission.
President Joe Biden gathered with top U.S. officials at the White House on July 7 to discuss strategy to counter increasingly disruptive ransomware attacks by suspected Russia-based hackers.
Several recent hacks come just weeks after Biden warned Russian President Vladimir Putin about the issue at a summit in Geneva in mid-June, presenting the U.S. president with an early test on how he plans to respond.
After the White House meeting, Biden told reporters he would “deliver” his own message to Putin on the issue, without offering any details.
White House spokeswoman Jen Psaki later said the president has “a range of options should he determine to take action,” although she did not want to discuss specifics. Russian and U.S. representatives are expected to meet next week to discuss cyberrelated issues.
Pressure is mounting on Biden to take some sort of action against Russia, days after Florida-based technology firm Kaseya’s remote-management software tool was exploited, impacting hundreds of U.S. businesses and up to 1,500 businesses globally.
Information about the extent of the attack, which cybersecurity experts have said is the biggest ransomware attack on record, remained incomplete.
The Russia-based cybercriminal group REvil claimed credit for the attack over the weekend and demanded $70 million worth of bitcoin as ransom to decrypt software and allow owners to access data.
Then on July 6, the Republican National Committee said that one of its contractors had been breached in a cyberattack, though it was not immediately clear by whom. It said no data was accessed.
In his meeting with Putin last month, Biden said the two leaders discussed keeping 16 types of critical infrastructure off-limits to cyberattacks, including the energy and water sectors.
While U.S. officials have blamed some attacks on Russian criminal gangs, it has not directly blamed the Russian government for recent ransomware attacks. Instead, Washington accuses Moscow of not going after cybercriminals on its territory or cooperating in investigations.
Ransomware attacks are carried out by hackers who break into networks and spread malicious computer code that encrypts a victim’s digital data. The data is unusable until the targeted company pays the ransom.
Cybersecurity experts have said REvil was behind a ransomware attack in May on meat-processing giant JBS. The Brazil-based company ended up paying $11 million in bitcoin to the hackers.
Another high-profile ransomware attack in May targeted Colonial Pipeline, disrupting fuel deliveries on the largest U.S. pipeline. In the case of Colonial, U.S. law enforcement said they recovered most of the ransom paid to another Russian-speaking criminal group known as DarkSide.
The United States has also accused Russian government hackers of meddling in last year’s U.S. election and of being behind the SolarWinds hack that affected U.S. government agencies and businesses.
