Analysis: hacks force Biden to take a more aggressive stance on Russia
A ransomware attack on JBS, the world’s largest meat packer, by a presumably Russia-based criminal group has bolstered the Biden administration’s resolve to hold Moscow accountable for costly cyberattacks – even if they are not directly related to the Kremlin.
US President Joe Biden has launched a review of the threat posed by ransomware attacks and he will discuss the issue of hosting such hackers with Russian President Vladimir Putin this month, the White House said on Wednesday.
“President Biden certainly believes that President Putin and the Russian government have a role to play in stopping and preventing these attacks,” White House press secretary Jen Psaki said on Wednesday.
The JBS hack is the third major cyberattack linked to Russian hackers since Biden took office in January, following attacks on Colonial Pipeline Co and SolarWinds Corp (SWI.N) software. JBS is a Brazilian company with extensive operations in the United States.
“Biden has indicated his willingness to hold Russia responsible in some way or another for the pipeline attack, even though it was carried out by a criminal organization,” said Tom Bossert, a senior advisor. to the homeland security of former President Donald Trump. “It’s a big step forward.”
The White House plans to use the June 16 summit between Biden and Russian President Vladimir Putin to send a clear message to the Russian leader, officials said. A next step could be the destabilization of the computer servers used to carry out such hacks, according to some cyber experts.
Biden has launched a review of the threat posed by ransomware attacks and he will discuss the issue of hosting such hackers with Russian President Vladimir Putin this month, the White House said on Wednesday.
Russia joined UN member states in approving a march report accept voluntary standards regarding cybercrime, including a commitment not to knowingly carry out or support cyber attacks in violation of international law that intentionally damage or alter critical infrastructure.
Biden, who has repeatedly targeted Russia for his imprisonment of Kremlin critic Alexei Navalny and a military build-up near Ukraine, will urge NATO allies, EU leaders and wealthy Group of Nations Seven to support a strong, unified position on Russia at separate summits before he meets Putin, US officials say.
Consensus is growing among Western allies that stronger action is needed, they say.
The White House said on Tuesday it was engaging directly with the Russian government. The statement marks a clear shift towards a new, more assertive US policy against Russia on hacking, according to former and current US security officials and analysts.
The White House response came after Senator Lindsey Graham and other Republicans criticized the Biden administration for a “weak” response to last month’s ransomware attack on Colonial Pipeline, the world’s largest fuel pipeline from the United States, by DarkSide, a group with ties to Russia.
US officials said they took action after the two incidents. The White House has also launched a review of ransomware attacks, including a push to work with allies to “hold countries that harbor ransom players accountable.”
James Lewis, a cyber expert at the Center for Strategic and International Studies think tank, said people who briefed Biden told him they expected strong language from Biden during the meeting.
“Biden is tough. He’s going to say to Putin, ‘That’s enough. You have to stop or we’ll do something back,’” Lewis said.
DEACTIVATION OF HACKER INFRASTRUCTURE
The U.S. military and intelligence community has long had the ability to damage computer servers used by private hackers in other countries, but has largely abstained, given diplomatic concerns about the consequences.
The hack of JBS could mark a turning point.
Lewis said an increase in ransomware attacks had overshadowed diplomatic concerns in recent months.
“The Russians see no reason to stop. Until we do something, it will continue to happen,” he said. Biden experts are working on a new doctrine.
Bossert said Russia-based hackers may well step up their attacks on U.S. companies in response to any foreign policy decisions made at upcoming G7, NATO and EU summits. This would give the United States more reason to dismantle the infrastructure used to launch such attacks.
“The US government should be prepared to use its capabilities to directly dismantle the infrastructure that would be used – whether owned by a government or a proxy group – if cyber attacks escalate,” he said.
Our standards: Thomson Reuters Trust Principles.