Takeaways From Biden-Putin ‘Cyber Summit’
Cybersecurity experts have been poring over the transcripts from Wednesday’s news conferences in Geneva to determine whether the U.S.-Russia summit will produce real progress in halting a wave of high-profile ransomware attacks. For most, the answer is: It’s too soon to tell. In the run-up to the meeting between President Joe Biden and Russian President Vladimir Putin, cyberattacks for ransom emanating from Russia emerged as a critical national security issue for the United States. Concern over Russia’s purported role in these attacks grew after ransomware criminals believed to be based in Russia breached the computer networks of Colonial Pipeline — the largest pipeline system for refined oil products in the U.S. — and beef processing giant JBS last month.FILE – A JBS Processing Plant stands dormant after halting operations on June 1, 2021 in Greeley, Colorado. JBS facilities around the globe were impacted by a ransomware attack, forcing many of their facilities to shut down.Biden vowed to confront Putin over ransomware. But while no breakthrough over cybersecurity emerged from the summit, the two leaders agreed to start consultations over the issue. Cyber consultations Experts from the two countries will be tasked to work on “specific understandings of what’s off-limits” and to follow up on cyberattacks that originate in either country, Biden said. What that will entail remains to be seen, but cybersecurity experts say the talks will likely be conducted by working groups composed of low-level officials from across the Biden administration and their Russian counterparts. Sixteen exemptions The president said he handed Putin a list of 16 sectors such as energy and water services that the U.S. insists are out of bounds to attacks. These were designated as critical infrastructure sectors under a 2013 presidential directive. “I talked about the proposition that certain critical infrastructure should be off-limits to attack, period — by cyber or any other means,” Biden told reporters. FILE – A gasoline station posts signage saying that it has run out of unleaded and mid-grade fuel and has a $20 limit on super, following a ransomware attack on Colonial Pipeline, at the pump in Atlanta, May 11, 2021.In addition to energy and water systems, the list includes information technology, health care and public health, and food and agriculture — all of which have been the FILE – John Demers of the National Security Division speaks during a press conference at the Justice Department in Washington, Oct. 7, 2020.John Demers, the outgoing head of the Justice Department’s national security division, said that while the U.S. has in the past asked Russia for information on cybercriminals, it has all but given up on seeking cooperation. “I think we’ve reached the stage today where there’s very little point in doing so,” Demers said at an event Tuesday sponsored by public sector media company CyberScoop. Biden said Russia will be judged by its actions.”Of course, the principle is one thing,” the president said. “It has to be backed up by practice. Responsible countries need to take action against criminals who conduct ransomware activities on their territory.” U.S. cyber offensive capability Biden said that while he issued no threats during the roughly three-hour meeting, he made it clear there will be consequences for Russian actions, telling Putin, “If you do that, then we’ll do this.” In recent years, the U.S. has significantly bolstered its offensive cyber capabilities. The United States Cyber Command is tasked with carrying out cyberspace operations against malicious foreign actors. As part of an offensive cyber operation, Cyber Command can block a target’s internet access, destroy its databases or take down the group’s entire computer network. “I pointed out to him we have significant cyber capability, and he knows it,” Biden said of Putin. “He doesn’t know exactly what it is, but it’s significant.” In 2018, a U.S. cyber operation reportedly blocked Russian troll farm Internet Research Agency’s internet access. Last year, Cyber Command, along with the National Security Agency, reportedly carried out a cyber operation against hackers working for Iran’s Islamic Revolutionary Guard Corps after they sent threatening emails to U.S. voters to undermine confidence in the November presidential elections.
…