Biden urges Russian leader to crack down on cybercriminals
WASHINGTON — President Biden told Russian President Vladimir Putin in a Friday phone call that he must “take action” against cybercriminals acting in his country and that the U.S. reserves the right to “defend its people and its critical infrastructure” from future attacks, the White House said.
The warning to Putin was largely a repetition of the tough rhetoric Biden had used during their meeting in Geneva last month, when he warned that there would be consequences for continuing cyberattacks
emanating from Russia. Since then, a new ransomware attack linked to the Russiabased REvil hacking group has caused widespread disruption, placing Biden under growing pressure to this time marry the warning with actions — though none were immediately announced.
“I made it very clear to him that the United States expects when a ransomware operation is coming from his soil even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” Biden said. Asked whether there will be consequences, he said, “Yes.”
The call with Putin under
scored the extent to which the ransomware threat from criminal hacker gangs has mushroomed into an urgent national security challenge for the White House, and it suggested a possible concession by the administration that earlier warnings to the Russian leader had failed to curb a criminal activity that has taken aim at businesses across the globe.
Biden told reporters that the U.S. and Russia have “set up a means of communication now on a regular basis to be able to communicate with one another when each of us thinks something is happening in another country that affects the home country. And so it went well.
I’m optimistic.”
In its own summary of the call, the Kremlin said “Putin noted that despite the Russian side’s readiness to jointly stop criminal activities in the information sphere, U.S. agencies haven’t made any requests during the past month.”
Officials did not immediately announce any specific actions they were taking or would consider taking. There are few easy options to resolve the threat without risking a conflict that could spiral out of control beyond the cybersecurity realm.