Attempted hack of RNC is a test for Biden
Russian origins are suspected
Russian hackers are accused of breaching a contractor for the Republican National Committee last week, around the same time that Russian cybercriminals launched the single largest global ransomware attack on record, incidents that are testing the red lines set by President Joe Biden during his high-stakes summit with President Vladimir Putin of Russia last month.
The RNC said in a statement on Tuesday that one of its technology providers, Synnex, had been hacked. While the extent of the attempted breach remained unclear, the committee said none of its data had been accessed.
Early indications were that the culprit was Russia’s SVR intelligence agency, according to investigators in the case. The SVR is the group that initially hacked the Democratic National Committee six years ago and more recently conducted the SolarWinds attack that penetrated more than a halfdozen government agencies and many of the largest U.S. corporations.
The RNC attack was the second of apparent Russian origin to become public in the past few days, and it was unclear late Tuesday whether the two were related. On Sunday, a Russian-based cybercriminal organization known as REvil claimed responsibility for a cyberattack over the long holiday weekend that has spread to 800 to 1,500 businesses around the world. It was one of the largest attacks in history in which hackers shut down systems until a ransom is paid, security researchers said.
The twin attacks are a test for Biden just three weeks after he, in his first meeting as president with Putin, demanded that the Russian leader rein in ransomware activities against the United States. At the meeting, Biden said later, he presented Putin with a list of 16 critical sectors of the American economy that, if attacked, would provoke a response although he was cagey about what that response would be.
“If, in fact, they violate these basic norms, we will respond with cyber,’’ Biden said at a news conference immediately after the meeting. “He knows.” But he quickly added of Putin that “I think that the last thing he wants now is a Cold War.”
White House officials were preparing to meet Wednesday to discuss the latest ransomware attack, which used the innovative technique of getting into the supply chain of software used by governments, federal agencies and other organizations a tactic that the SVR deployed in SolarWinds last year.
The White House didn’t immediately respond to a request for comment on the breach of Synnex, the RNC contractor, which was reported earlier by Bloomberg News. The newest attacks appeared to cross many lines that Biden has said he would no longer tolerate. On the campaign trail last year, he put Russia “on notice” that, as president, he would respond aggressively to counter any interference in U.S. elections. Then in April, he called Putin to warn him about impending economic sanctions in response to the SolarWinds breach.
Last month, Biden used the summit with Putin to make the case that ransomware was emerging as an even larger threat, causing the kind of economic disruption that no state could tolerate. Biden specifically cited the halting of the flow of gasoline on the East Coast after an attack on Colonial Pipeline in June, as well as the shutdown of major meat-processing plants and earlier ransomware attacks that paralyzed hospitals.
The issue has become so urgent that it has begun shifting the negotiations between Washington and Moscow, raising the control of digital weapons to a level of urgency previously seen largely in nuclear arms control negotiations.
On Tuesday, the White House press secretary, Jen Psaki, said U.S. officials will meet with Russian officials next week to discuss ransomware attacks a dialogue the two leaders had agreed upon at their summit in Geneva.