Russia and Ransomware Attacks



Russia has recently launched a ransomware attack on a massive scale targeting an American information technology (IT) firm. The Russian hackers entered an IT company named Keseya based out of Miami, Florida. Following the attack on the company, the hackers breached Kaseya’s clients and associated managed service providers (MSPs).


The MSPs employ software created by Kaseya, which automatically installs updates on client networks. This auto-updating mechanism enabled the hackers to install ransomware on thousands of the company’s clients. Utilizing this pre-made infrastructure, the Russians hacked over 1,500 other companies in 17 different countries. According to the FBI and the Department of Homeland Security, the government agencies were not able to respond to assist the victims due to the massive size of the attack.


Responsibility was claimed by the cybercriminal group called REvil, who stated a demand for $70 million in exchange for a decryption key to end the ransomware attack. REvil is one of multiple cyber-hacking companies affiliated with the Russian government, which manifests Putin’s cyber hacking capabilities into the world.

The economic damage from this attack on only one MSP could reach over $77 million, according to organizations that defend democracy like the Foundation for the Defense of Democracies. The CEO of Kaseya, Fred Voccola, downplayed the impact of the attack, also rejecting that the attack could have affected dozens of related MSPs. According to a center for economic and financial power, Kaseya and their MSP clients constitute part of the officially identified IT sector, identified as part of the critical infrastructure sector by presidential policy directive 21 by former President Barack Obama. Cyber attacks from Russia targeting the U.S. and other countries are not a new phenomenon, but this attack constitutes a test of the Biden administration’s policy regarding protecting the U.S. and the international community.

 

This attack followed President Joe Biden’s warning to the Russian leader Vladimir Putin not to attempt cyberattacks in the United States. Dictator Vladimir Putin launched the attack anyway. This violation will be an early test of the Biden administration’s resolve in interacting with Russia. If the attack is determined to have originated from inside Russia, Biden indicated that the United States would “respond.” Based on previous statements by the Biden administration, this “response” would be “cyber” in nature. A notable response from the United States would be necessary to demonstrate a willingness to employ deterrence. Otherwise, Russia or other cyber-attack-capable entities could be emboldened to engage in future large-scale attacks.

The Biden administration has arrived at a critical point in decision-making regarding cyber policy. Taking action will be necessary to enforce cyber norms, deter repeated attacks against U.S. entities, and ensure boundaries are enforced the protect the U.S. and other nations around the world. If no action is taken by Biden, it becomes increasingly probable that Russia, China, and other state or even non-state actors will engage in destructive cyber attacks against the U.S., even more comprehensive in scale. A demonstration of deterrence must be enacted to protect against such attacks.


Popular posts from this blog

NATO’s Final Frontier – Space?

Image
It appears that The North Atlantic Treaty Organization (NATO) has agreed, at least in spirit, that space is a military ‘operational domain’ and decisions in the future should be made accordingly. This is a sharp contrast to the thinking decades ago, where European Space Agency’s (ESA) 22-members had stated that space ‘must’ remain non-militarized, even as the U.S. and Russians continued to covertly plan for the future wars in space, or use of space assets for dual purpose – instruments of experimentation and weapons of war. What changed? After all, the Russians and Americans both participated along with Europe, Japan and other nations in the ISS (International Space Station). Most all developed and even some less-than-developed nations have communication satellites. China has a robust space program, India too. After the cold-war with Russia we learned of secret and not so secret U.S. and Russian space weapons projects. Since then both China and India have downed their own satellites
Read more

Putin The Conqueror Expands To South America

Image
It's no secret Vladimir Putin wants Russia to be the great superpower again it was before the collapse of the USSR. It's also obvious that Putin wants to maintain relevance on the world stage. Russia is energy rich, politically astute, and has a reputation for a strong military - thus, a force to be reckoned with. It uses this power to its advantage across the globe as The Washington Times explains . Russia's Middle East Meddling In the Middle East Russia is working to establish stronger ties with Iran, assisting with a missile defense system (S-300) to prevent any future potential US strike. Meanwhile, Iran continues using proxy terrorist strategies across the Middle East as a method to serve its political will. And, of course, we know all too well what Russia has been doing in Syria propping up the Assad regime, while claiming to defend their Russian military port, now Russia has an airbase in Syria too. Today, Syria has been all but destroyed leaving a humanitarian d
Read more

Russian Cyber Security Threats Far From Over

Image
Every American Citizen, every large corporation, and every government agency down to the local level has in some way been affected by cyber hacking. Today, we are aware of the threat personally and we go out of our way to protect our personal information. Still, that doesn’t mean someone we do business with that has our personal data won’t fall victim to a cyber hack or attack. Regardless of what you believe the cyber hacking risks are, it is a present danger. It’s a reality. We’ve all heard by the media that Russia hacked our last presidential election , and while there is a lot of dispute about what actually happened in the Democratic National Committee hack, the incident does show the vulnerability to our most sacred trust – our free and fair elections. We don’t need to enumerate the endless times our personal financial data or at least our personal information has gotten into the hands of cybercriminals – we all remember the big Target Stores hack and the Experian Credit Agency
Read more