By Arab News
By Dalia Al-Aqidi*
While America was celebrating its Independence Day on July 4, a group of Russian-speaking hackers launched a massive ransomware attack against hundreds of US companies and more than a thousand others around the world.
Responsibility for the massive cyberattack was claimed by the group known as REvil — an abbreviation of Ransomware Evil. It demanded a $70 million ransom in bitcoin to restore the stolen data.
At least 200 US entities, including a Miami IT firm, Kaseya, and a contractor for the Republican National Committee (RNC), were affected by the recent attack, which was the second major one carried out by the same group. However, cybersecurity experts believe that the RNC’s computer system breach was conducted separately by a group of government hackers tied to Russia’s foreign intelligence service, clearly making it an espionage operation.
The increasing number of cyberattacks in recent weeks has shone a light on US-Russian relations, following the meeting between US President Joe Biden and his Russian counterpart Vladimir Putin in Geneva last month, in which Biden warned against attacking his country’s infrastructure. He handed Putin a list of 16 critical American sectors that were to be off limits, vowing to retaliate against any future hacks. However, we do not know if the US administration considers Kaseya to be part of one of those 16 critical infrastructure sectors.
“I pointed out to him that we have significant cyber capability. And he knows it. He does not know exactly what it is, but it is significant. And if, in fact, they violate these basic norms, we will respond with cyber. He knows,” Biden told reporters after his meeting with Putin.
Does the Russian leader really know or care? It seems that the ambitious Putin has, for the past six months, been testing the limits of the White House by intensifying the number and value of these cyberattacks. This has increased the pressure on Biden to either engage with or retaliate against Moscow.
It would be unrealistic and naive to assume that such a dangerous global act could be launched from such a dictator-led country without the knowledge, approval or even the specific instructions of Putin himself.
In the Situation Room at the White House, Biden last week held a meeting with his top cybersecurity advisers from the Departments of Homeland Security, State, and Justice, along with members of the intelligence community, to study the proper response to this Russian aggression and ways to convince Putin to rein in these cyber criminals.
What are the options available and why is the Biden administration taking its time to face this threat, which could affect the lives of millions of people both inside and outside the US?
The American people have not forgotten the recent ransomware attacks on the Colonial Pipeline and the meat processing giant JBS, which led to widespread fuel and meat shortages, and they expect their government to prevent any further disruption to their livelihoods by foreign entities.
US-Russian relations under Biden have had a bumpy start and there is no indication of a breakthrough in the near future. While the US president has a lot of national and international challenges ahead, he needs to send a strong, visible message to Moscow and its allies that his country will not tolerate such criminal acts and that he is willing and able to confront any state-backed cyberattacks against American entities.
Implementing further economic sanctions on Russia would not do the job unless they are combined with offensive cyberattacks to disrupt the networks of known hacker groups like REvil. Extortion should be met with more aggressive measures and stronger legal consequences.
The US is not the only country that is facing cyber extortion. Therefore, building a strong cyber partnership with close allies around the globe to share intelligence, technology and research would be beneficial for the participating parties and for global security.
Other than Biden’s few warnings and the famous off-limits list, the White House has not yet developed a clear strategy on how to deal with Putin, who clearly seeks to bully his rivals through illegal and shady actions. However, the two leaders spoke on Friday, with Biden urging Putin to take action against cybercriminals acting in his country, according to a brief statement issued by the White House. He also stressed that the US reserves the right to defend its people and its critical infrastructure. No ultimatum was given and no further details were provided on how Washington would respond to further ransomware attacks.
Biden’s commitment to continue engaging on the broader threat posed by ransomware attacks reflects his desire to build a predictable and stable relationship with Moscow, which would benefit both countries. But should someone in his right mind trust a dictator who jails and poisons his political opposition?
The latest cyberattacks should have offered a reasonable motive for the Biden administration to take immediate action before Putin crosses yet another red line. The opportunity presented itself for Biden to finally show his ability to balance between these two approaches to Russia and prove himself as the leader he claims to be.
- Dalia Al-Aqidi is a senior fellow at the Center for Security Policy. Twitter: @DaliaAlAqidi