Experts say Russia gives hackers a ‘tacit blessing’ to attack foreign nations – as long as they don’t target Russia or its allies

FILE PHOTO: Russian President Vladimir Putin delivers a speech in Sevastopol, Crimea, March 18, 2020. Alexander Nemenov/Pool via REUTERS
Russian President Vladimir Putin.

  • The hackers who attacked SolarWinds, Colonial Pipeline, JBS, and more are believed to be Russia-based.
  • Experts say the Kremlin allows them to carry out cybercrime as long as they don’t target Russia.
  • President Biden is expected to question the Russian president on Wednesday over the recent cyberattacks.
  • See more stories on Insider’s business page.

The number of cyberattacks carried out against the US has increased recently, and the online perpetrators have one thing in common: they are believed to be linked to Russia.

Hackers have found a safe haven in Russia to carry out their attacks, as the Washington Post reported. That’s because they work without any repercussions from Moscow, which seemingly grants them leniency as long as they don’t target Russia or its allies.

Cybercriminal networks “in Russia seem to exist with the tacit blessing of the Russian state,” V.S. Subrahmanian, director of Dartmouth’s Institute of Security, Technology, and Society, told Insider. “As long as they do not carry out nefarious activities in Russia itself, they seem to be protected from severe prosecution.”

Why Russia takes a ‘hands-off’ approach

An underground network of hackers has sprouted up in Russia in recent decades, the Post reported, driven by animosity for western countries after Russia fell on hard times following the Soviet Union’s collapse.

One former hacker-turned-analyst told the paper he turned to hacking to find money after studying information security in college, and more educated youth in Russia are turning to cybercrime since “there is so much money to be made.”

Experts told the Post that cybercriminals might not only be working out of Russia because the Kremlin is allowing them to – they may even be working for the government in some cases. However, Subrahmanian said there isn’t currently any evidence that the cybercriminals do Moscow’s bidding.

“There’s just too much of this going on right now for this not to have at least implicit hands-off policy by the Russian state,” he said. “And at the very worst, it could be an explicit go-ahead. We just don’t know which of the two.”

DarkSide, which is believed to be linked to Russia, successfully targeted America’s largest fuel pipeline in May, leading to gas shortages and price surges across the eastern seaboard for a week. The largest meat supplier in the world, JBS, was hit with a ransomware attack that same month and eventually paid $11 million in bitcoin to the cyberhackers.

The FBI has accused a hacking unit called REvil, which is connected to Russia, of conducting the JBS attack.

And months before, foreign hackers were able to spy on private companies, including the Department of Homeland Security, through an attack on the IT firm SolarWinds.

Subrahmanian said there are even less-publicized hacks that tied to Russia, like a May ransomware attack on the insurance company CNA, which shelled out $40 million to regain control of its systems.

But regardless of how – if at all – involved Russia is in cybercriminals’ activity, the state profits from it, he said.

“Russia benefits greatly from different kinds of chaos in the Western world,” and that is a key aspect in the nation’s influence operations, said Subrahmanian.”Cyberattacks and weakening us economically is yet another instrument in what’s known today as gray zone warfare.”

The US needs to send a strong message, experts say

Biden Putin
President Joe Biden and Russian President Vladimir Putin are set to meet in Geneva on June 16.

President Joe Biden will meet with Vladimir Putin on Wednesday. He’s expected to ask what – if anything – Russia intends to do to fight cyberhackers based in the country, something it historically hasn’t done.

Putin has denied that the attackers behind the recent US attacks are based in Russia.

“We have been accused of all kinds of things,” Putin told NBC News in an interview this week. “Election interference, cyberattacks and so on and so forth. And not once, not once, not one time, did they bother to produce any kind of evidence or proof. Just unfounded accusations.”

Read more: America isn’t in a cyberwar with Russia and China – it’s actually the most sophisticated spy game in human history. And the US is much stronger than it looks.

US-Russia ties are strained at the moment, given the latest series of cyberattacks linked to Moscow as well as Russia’s interference in both the 2016 and 2020 US presidential elections. Biden will likely not follow his predecessor, former President Donald Trump’s, warm approach to Putin upon his visit.

Subrahmanian said he’d like to see President Biden deliver a stern message to the Russians that the US will not stand for this and that it will take action unilaterally against facilitators of these attacks “in much the same way we carry out actions against terrorists.”

However, he said he doubts that “we’re gonna see much action from Russia unless it’s backed up with some explicit threats, and we don’t have that many threats,” given Russia’s nuclear power and its large-standing military.

A senior White House official told Time that Biden could remind Putin that the US could target the Russian president’s personal fortunes overseas with its own cyber capabilities.

“The whole goal is to have [Putin] come away saying, ‘The Americans are onto us and have us encircled,'” the unnamed said.

Subrahmanian said another option for the US is to take covert action and infiltrate both dark web networks and state websites to deny them the money they hope to make through these attacks. By doing so, federal officials could also have a better idea of how connected Russia is to these cyberhackers, he said.

“It’s a slippery slope, and that’s why I’m being a little cautious, but certainly covert action against the specific places known to harbor large numbers of cybercriminals is a possibility,” as is capturing them and bringing them to the US, he said, though no option would be easy.

“I’m not calling for airstrikes – I’m calling for cyber strikes,” Subrahmanian said.

Read the original article on Business Insider

US senators urge stricter crypto regulation after a flood of ransomware attacks

IMG_3283
Sen. Mark Warner (D-VA) on January 30, 2020 and Sen. Roy Blunt (R-MO) on February 3, 2020 both in taken in Washington, DC.

Two US senators called for stricter cryptocurrency regulation after a flood of ransomware attacks that plagued the country in the past months.

Democratic Senator Mark Warner of Virginia, chair of the Senate Intelligence Committee, told NBC Meet the Press on Sunday that regulators need to scrutinize the cryptocurrency loopholes that help criminals carry 0ut cyberattacks.

“There was some good things coming out of distributed ledger technology, but we are seeing now some of the dark underbelly,” Warner said. “If a company is paying, if there’s not some transparency of that payment, the bad guys will simply find another way to hide it.”

The senator said while there has been some progress when it comes to bipartisan legislation, the debate about cryptocurrencies and ransomware is “just starting.”

In May, the Colonial Pipeline paid DarkSide Ransomware a $5 million ransom to restore services, Bloomberg reported. The transaction was said to be untraceable.

The following month, JBS, the largest meat supplier in the US, revealed it was hit by a cyberattack that affected some of its systems. Whether there was a payment of ransom or not remains unclear.

Republican Senator Roy Blunt of Missouri, also a member of the Intelligence Committee, said regulators need to demand more transparency when it comes to attacks like these to protect the American financial system.

“Nobody wanted to report that they had been hacked. That was a fight we’ve been having now for almost a decade,” he told NBC Meet the Press. But “the only way you can begin to get on top of this is to know how pervasive the problem is.”

He continued: “We have a lot of cash requirements in our country, but we haven’t figured out in the country or in the world how to trace cryptocurrency.”

“There ought to be more transparency if a company does pay, so we can go after the bad guys,” Warner said. “Right now what’s happening around ransomware, not only are the companies often not reporting that they are attacked, but they’re not reporting the ransomware payments.”

The Biden administration is reportedly looking at how to increase oversight of the cryptocurrency market to protect retail investors, sources told The Washington Post. The administration is also analyzing potential gaps that may be used to finance illicit activities, sources said.

US Treasury secretary Janet Yellen has been critical of cryptocurrencies in the past, calling out their misuse, which she described in February as “a growing problem.”

“I see the promise of these new technologies,” the former Federal Reserve chief said. “But I also see the reality: cryptocurrencies have been used to launder the profits of online drug traffickers; they’ve been a tool to finance terrorism.”

Read the original article on Business Insider