The White House says cyber-attacks will be an “important topic” in the meeting between Presidents Biden and Putin.
Until a few years ago, malicious computer programs spreading through digital networks were seen as a financial crime and were not thought to one day be high on the agenda of a meeting between the leaders of the two world powers.
But last month the issue came to the forefront of geopolitical priorities as digital criminals believed to be operating from Russia penetrated the digital network of an American company operating an important oil pipeline, as well as the network of a global meat processing giant. putting pressure on companies to give millions of dollars in rewards for not damaging their operating systems.
Although US officials have not accused Russia of a direct role in the incidents, some lawmakers say criminals operating in the digital space often act knowingly, if not with the Kremlin’s approval. President Biden has been under pressure to raise the issue in a meeting with President Putin.
In a cyber attack, criminals misappropriate a company’s digital information through a computer program. They ask the company for a reward for getting the data back to working properly, which is accomplished through a digital key that normalizes the system. Often cybercriminals offer help to a competing group and share the benefits. This, officials say, has led to an increase in the number of IT experts involved in this illegal but highly lucrative business.
The following are three questions about Russia’s role in these cyber attacks:
Why do so many criminal groups in the digital space speak Russian?
Cyber security firms track hacker activity worldwide. Many are believed to operate from Russia as well as other former Soviet republics such as Belarus, Ukraine, Kazakhstan and Latvia, according to Recorded Future.
This company oversees the activities of about 15 Russian-speaking groups. The US-Israeli firm Check Point is pursuing seven other groups, including those responsible for heavy attacks in recent years, such as DarkSide and REvil, which hit the Colonial Pipeline oil pipeline and meat supplier JBS in recent weeks, respectively.
The Babuk group, another Russian-speaking network, was also discovered this year, attacking at least five key entities.
These Russian-speaking groups follow an unwritten rule: Avoid companies and institutions in Russia and the former Soviet republic which leaves them free to attack others without being hit by the Russian authorities. Another rule: they only cooperate with other Russian-speaking groups.
Is there a connection between the hackers and the Kremlin?
The Russian government has denied allegations of role in the recent US cyber attacks. Meanwhile, it remains unclear what connections exist between the Kremlin and these online blackmail networks.
After the attack on the Colonial Pipeline, President Biden said that so far “no evidence has been seen from the intelligence services of Russian involvement, but there is evidence that these dangerous actors and programs are in Russia.”
FBI Director Christopher Wray said during a congressional hearing that he could not talk about the links between the Kremlin and these groups, adding that “these hackers are individuals who may not accidentally hit English-speaking victims.”
Lawmakers have openly accused Russia of saying such attacks could not happen, at least without the Kremlin’s tacit approval.
The dividing line between digital wrongdoers and state entities remains unclear. Many hackers operating in Russia can be in the service of Russian intelligence during the day and in their “free time” carry out cyber attacks for personal gain, said Democratic lawmaker Marc Warner.
How is the US responding to cyber threats?
As cyberattacks have been widely declared a new threat to national security, some lawmakers and security experts are calling for a more aggressive response from the US. The Department of Justice recently established a working group focused on digital malware. This working group managed to block most of the $ 5 million that Colonial Pipeline owed to hackers to get the system up and running. But lawmakers want more concrete results in these efforts.
“We need to start analyzing the possibility of launching an attack and hitting these networks,” Republican lawmaker Michael McCaul said during a hearing in the House National Security Committee.
Experts support the idea of a more aggressive attitude.
Prior to the Biden-Putin meeting, the Russian leader had raised the idea of a bilateral agreement to exchange and extradite digital space criminals between the US and Russia. At the G-7 summit, President Biden said he was open to the idea of a Russian counterpart.
The president’s national security adviser, Jake Sullivan, later commented on Mr Biden’s statement, saying the president “is not saying he will exchange digital space criminals with Russia,” but that he agrees with the idea that these wrongdoing individuals should be held accountable in both countries.