Given the ongoing wave of Russian-based ransomware attacks, American President Joe Biden has asked Russian President Vladimir Putin during a phone call to act on the attacks against American organizations and infrastructure.
Biden added that the U.S. will take “any necessary action” to protect itself against future attacks.
The U.S. President highlighted that the Russian government needs to take initiative in order to disrupt ransomware threat actors functioning in Russia and underscored that he is dedicated to continued engagement on the broader threat constituted by ransomware.
I made it very clear to him that the United States expects when a ransomware operation is coming from his soil even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is.
And secondly, we’ve set up a means of communication now on a regular basis to be able to communicate with one another when each of us thinks something is happening in another country that affects the home country.
Biden and Putin’s conversation follows an extensive ransomware cyberattack on Kaseya that resulted in the infection of hundreds of businesses with Revil ransomware by the Sodinokibi Gang.
Russian Ransomware Threat Actors Targeted by the U.S. Government
Last week, White House Press Secretary Jen Psaki declared that while the massive REvil ransomware attack on Kaseya VSA servers was not imputed to anyone so far, the Biden administration will take action if the Russian president doesn’t suppress the cybercriminal activity within his country.
Following two big ransomware attacks on Colonial Pipeline and JBS, the White House chief cybersecurity adviser warned American organizations to not underestimate ransomware groups.
JBS Foods, the world’s largest meatpacking enterprise, declared it had paid an $11 million ransom to REvil ransomware after the cyberattack forced the company to shut down production at several sites worldwide, affecting production facilities from United States, Australia, and Canada.
Colonial Pipeline also paid the DarkSide ransomware group nearly $5 million in cryptocurrency in return for a decryption key to restore its systems.
In June, G7 leaders also urged Russia to take action against threat actors conducting cyberattacks and using ransomware from within its borders.