Several months after President Biden met with Russian President Vladimir Putin and said American critical infrastructure is off-limits from attackers, federal cyber officials said malicious cyber activity from Russia is changing but they cannot yet fully explain why.
“Since the summit between the president and Putin and the president laying down that marker, have we seen attacks from Russian based groups, particularly those groups that were responsible for some of our biggest disruptions, have you seen a decrease, an increase, or no change in their level of attempts to attack us?” asked Ms. Slotkin, Michigan Democrat.
“I think that answering the question head-on, we have seen a discernable decrease,” said Mr. Inglis. “It’s too soon to tell whether that is because of the material efforts undertaken by the Russians or the Russian leadership. It may well be that the transgressors in this space have simply [laid] low understanding that this is, for the moment, a very hot time for them.”
Government and private-sector cybersecurity professionals have blamed hacks on federal networks and ransomware attacks hammering critical infrastructure on various cyber criminals operating in Russia.
Hacks and cyberattacks with links to Russia have continued to hit Americans. For example, a ransomware gang connected to Russia named Grief claimed the National Rifle Association as a victim last week. Cybersecurity professionals have linked Grief to Evil Corp., which the U.S. Treasury Department sanctioned in 2019.
Alongside Mr. Biden’s admonishments to Mr. Putin, the administration slapped sanctions on Russia for the SolarWinds hack of computer network management software that disrupted government operations.
In April, the Treasury Department said its sanctions were designed to cripple technology companies that support Russia’s malicious cyber action against America and prohibit “certain dealings in Russian sovereign debt.”
The federal government has continued to deploy targeted sanctions to alter the behavior of alleged cyber criminals in Russia. In September, the Biden administration hit a cryptocurrency exchange that operates in Russia with sanctions because it allegedly facilitated payments to cyber gangs.
The Commerce Department on Wednesday added Positive Technologies in Russia to its Entity List, which blacklists foreign people and businesses from operating in the U.S. The Biden administration determined that the group trafficked in “cyber tools used to gain unauthorized access to information systems.”
At an Aspen Security Forum on Wednesday, another top cyber security official also said it was undetermined if the policies caused a change in the behavior of Russian cyber criminals.
“What I would say is, let’s let this play out. There’s engagement going on again in a realm that’s, it’s outside of what I do but I would say that it’s too early to tell,” said Army Gen. Paul Nakasone, National Security Agency director and commander of U.S. Cyber Command.
New details about Russia’s appetite for working with America could come soon.
State Department officials also provided a closed-door briefing on cybersecurity policy for the Senate Foreign Relations Committee on Wednesday morning.
View original post