FBI Deputy Director Paul Abbate said Tuesday there has been “no indication” that the Russian government has taken steps to stop the activities of cyber criminals engaging in ransomware attacks against U.S. organizations, despite outreach efforts by the Biden administration.
“Based on what we’ve seen, I would say there is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment that they have created there,” Abbate said during a panel at the Intelligence and National Security Summit.
“We’ve asked for help and cooperation with those who we know are in Russia who we have indictments against, and we’ve seen no action, so I would say that nothing’s changed in that regard,” he said.
Abbate’s comments came months after President BidenJoe BidenTexas announces election audit in four counties after Trump demand Pennsylvania AG sues to block GOP subpoenas in election probe House passes sweeping defense policy bill MORE met with Russian President Vladimir PutinVladimir Vladimirovich PutinNavalny knocks Apple, Google for removing voting app Federal agencies warn companies to be on guard against prolific ransomware strain Top US general: Meeting with Russian counterpart 'productive' MORE at an in-person summit in Geneva to discuss issues including a spate of ransomware attacks against critical U.S. organizations linked to Russian-based cyber criminal groups.
These included the separate ransomware attacks in May on Colonial Pipeline, which provides 45 percent of the U.S. East Coast’s fuel supply, and on meat producer JBS USA, with both attacks endangering key supply chains.
Biden gave Putin a list of entities that the U.S. views as critical infrastructure and that the administration views as off limits to attack. Biden also stressed the need for Putin to take action against cyber criminal groups operating in Russia.
“Responsible countries need to take action against criminals who conduct ransomware activities on their territory,” Biden told reporters following the summit. “So we agreed to task experts of both our countries to work on specific understandings about what’s off limits and follow up on specific cases that originate in other countries, in either of our countries.”
Key members of the Biden administration in recent weeks have stressed that they have not given up on the Russian government taking steps to curtail activity by malicious hacking groups.
Anne Neuberger, the deputy national security adviser for Cyber and Emerging Technology, told reporters at the White House earlier this month that “discussions with the Russians continue” and that Biden is “looking for action with regard to addressing cyber activity.”
National Cyber Director Chris Inglis last week said that it was “too soon to tell” if Russian-linked cyberattacks would decrease permanently.
“We have...seen that those attacks have fallen off, we’ve seen that those syndicates have to some degree deconstructed,” Inglis said of Russian groups engaged in ransomware attacks as part of remarks at the Reagan Institute. “I think it’s a fair bet that they have self-deconstructed, they have essentially gone cold and quiet to see whether the storm will blow over and whether they can then come back.”
“What I think will make the difference is whether Vladimir Putin and others who have the ability to enforce the law, international law as we know it and see it, will ensure that they don’t come back,” Inglis said.