With days to go to the G7 Summit in Cornwall, the group of seven leading economies have some big issues on their agenda. The pandemic and climate change will no doubt dominate but what about cyber and the scourge of ransomware that is hitting so many organisations?
Presidents Biden and Putin are set to meet in Geneva after the summit. The Biden administration is likely to use the opportunity to put further pressure on the Russian government to assist in closing down the criminal networks benefitting from ransomware attacks. Many of them operate with relative impunity from Russia. Colonial Pipeline and the world’s largest meat supplier JBS are the most recent high-profile victims of ransomware attacks. The impact their disruption has had on the supply chain has not gone unnoticed in Washington. Jen Psaki, the Administration’s Press Secretary said, following the JBS hack, that ‘the White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbour ransomware criminals’.
Whether it is in Russia’s interest to take any action is a moot point. At a time of strong US-led sanctions, they will not be concerned about any impact on Western countries’ digital economies. There has long been speculation about ties between cyber criminals like DarkSide and the Russian intelligence services (RIS). It is reported, for example, that the RIS benefit from data gathered by the Russian-based criminal groups. The constraints placed on these groups is that they cannot impact companies within the CIS*. It has also been demonstrated that the Russian state is able to anonymise its own activities online behind the veneer of organised crime or hactivism.
The US may have taken active measures to deter ransomware networks as well. In the case of Colonial Pipeline, who paid a reported $4.3 million ransom to restore services, recent developments indicate that ‘the majority’ of the ransom has been recovered by the FBI through tracking payments to DarkSide’s bitcoin wallet. This suggests the U.S. is not relying on diplomacy alone to put pressure on criminal gangs operating without sanction in Russia, but intends to use its significant technical capability to hit them where it hurts. How this plays out when the two presidents meet in Geneva remains to be seen. It will also be interesting to see if President Biden uses the G7 summit to encourage resolve from allies to tackle the current ransomware epidemic.
*Commonwealth of Independent States, a collection of nine states, including Russia, formerly republics in the old Soviet Union.