WASHINGTON – President Joe Biden told Russian President Vladimir Putin on Friday the United States would take “any necessary action” to defend its people and infrastructure after the latest ransomware attack by a Russia-linked group that compromised as many as 1,500 businesses worldwide.
In a call with Putin, Biden “underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware,” according to a White House statement.
A Russia-linked hacking group known as REvil took responsibility for the ransomware assault on the software provider Kaseya, although U.S. intelligence officials have not publicly said who was responsible.
The president warned Putin that he would hold Russia accountable for cyberattacks that originate there even if they are not directly connected to the Kremlin.
“I made it very clear to him that the United States expects when ransomware operation is coming from his soil – even though it’s not sponsored by the state – we expect him to act if we give him enough information to act on who that is,” Biden said Friday.
He said there would be consequences if the Russian president did not act to curb the cyberattacks on the USA and elsewhere but predicted it wouldn’t come to that.
“I believe we’re going to get cooperation,” Biden said before boarding Air Force One to spend the weekend at his home in Wilmington, Delaware.
As many as 1,500 companies across the USA, Europe and Asia were affected by the Kaseya incident. The Republican National Committee said its contractor Synnex was among those hacked, but no RNC data was compromised.
The White House would not elaborate on possible actions against Russia. “Some of them will be manifest and visible, some of them may might not be,” said a senior Biden administration official who was authorized to discuss the White House’s position on the condition of anonymity. The White House has sought “multiple, specific requests for action” on cyber-criminals from the Kremlin, the official said.
Among the cybercrimes against critical infrastructure and U.S. corporations was an attack on the nation’s largest fuel pipeline in May. The president raised the issue with Putin when the two met in Geneva last month and said he demanded the Russian president crack down on such strikes against the USA.
Biden said that he gave Putin a list of 16 critical sectors that would warrant a response if hacked and that it would take six months to a year to know “whether or not we actually have a strategic dialogue that matters.”
REvil extorted $11 million from meat processor JBS last month. Security researchers said its ability to evade anti-malware safeguards and its apparent exploitation of a previously unknown vulnerability on Kaseya servers reflect the growing financial muscle of REvil and a few dozen other top ransomware gangs, whose success helps them afford the best digital burglary wares. Such criminals infiltrate networks and paralyze them by scrambling data, extorting their victims.
Contributing: The Associated Press
Reach Courtney Subramanian at @cmsub and Joey Garrison at @joeygarrison.
This article originally appeared on USA TODAY: Biden warns Putin to crack down on Russian ransomware attacks