Washington: A ransomware attack on JBS, the world’s largest meat processor, by a criminal group likely based in Russia has strengthened the Biden administration’s resolve to hold Moscow responsible for costly cyber assaults – even if they are not directly linked to the Kremlin.
The JBS hack, which shut down Australia’s largest meat processor this week, is the third major cyberattack linked to hackers from Russia since Biden took office in January, following attacks aimed at Colonial Pipeline and software made by SolarWinds Corp.
JBS is a Brazilian company with extensive US and Australian operations.
Joe Biden, and Vladimir Putin in Moscow, Russia in 2011. Credit:AP
US President Joe Biden has launched a review of the threat posed by ransomware attacks and he will discuss the issue of harbouring such hackers with Russian President Vladimir Putin this month, the White House said on Wednesday (Thursday).
“President Biden certainly thinks that President Putin and the Russian government has a role to play in stopping and preventing these attacks,” White House press secretary Jen Psaki said on Wednesday.
The White House plans to use a June 16 summit between Biden and Russian President Vladimir Putin to deliver a clear message to the Russian leader, officials said. A next step could be destabilisation of the computer servers used to carry out such hacks, some cyber experts say.
“Biden has indicated his willingness to hold Russia accountable in some way for the pipeline attack, even though it was carried out by a criminal organisation,” said Tom Bossert, a top homeland security adviser to former President Donald Trump. “That’s a big leap forward.”
Biden, who has repeatedly taken aim at Russia for its jailing of Kremlin critic Alexei Navalny and a military buildup near Ukraine, will urge NATO allies, EU leaders and the Group of Seven rich countries to back a strong, unified stance on Russia at separate summits before he meets Putin, U.S. officials say.
Consensus is growing among Western allies that stronger action is needed, they say.
The White House said on Tuesday it was engaging directly with the Russian government. The statement marks a clear shift toward a new and more assertive US policy against Russia on hacking, say former and current US security officials and analysts.
The White House response came after Senator Lindsey Graham and other Republicans criticised the Biden administration for a “weak” response to last month’s ransomware attack on Colonial Pipeline, the largest fuel pipeline in the United States, by DarkSide, a group with ties to Russia.
US officials said they sprang into action after both incidents. The White House also started a review of ransomware attacks, including a push to work with allies to “hold countries who harbor ransom actors accountable.”
Part of the difficulty in addressing cyber attacks stems from the relationship between hackers and the nations that benefit from them.
Australian Labor Party MP Tim Watts likens ransomware crews to modern-day pirates.
“If the countries that host these pirates won’t force them to face justice through the legal system, we should use all the tools available to us in the cyber domain to hunt down and destroy these criminal groups,” he said this week, after the JBS hack.
James Lewis, a cyber expert at the Centre for Strategic and International Studies think tank, said people who brief Biden had told him they expect strong language from Biden at the meeting.
“Biden is tough. He’s going to tell Putin, ‘This is enough. You’ve got to stop or we’ll do something back,’” Lewis said.
The US intelligence and military community has long had the capability to damage computer servers used by private hackers in other countries, but largely refrained, given diplomatic concerns about the consequences.
The JBS hack could signal a turning point.
Lewis said a surge in ransomware attacks had overshadowed diplomatic concerns in recent months.
“The Russians don’t see any reason to stop. Until we do something, this is going to keep happening,” he said. Biden’s experts are working on a new doctrine.
Bossert said Russian-based hackers could well increase their attacks on US companies in response to any foreign policy decisions taken at the upcoming G7, NATO and EU summits. That would give the United States more reasons to take down the infrastructure used to launch such attacks.
“The US government should be prepared to use its capabilities to directly take down the infrastructure that would be used – whether belonging to a government or a proxy group – should cyber attacks escalate,” he said.
Reuters with reporters
Most Viewed in World
From our partners
Source: Read Full Article