President Joe Biden and Russian President Vladimir Putin arrive to meet at the 'Villa la Grange', in Geneva, Switzerland, June 16, 2021.

President Joe Biden and Russian President Vladimir Putin arrive to meet at the 'Villa la Grange', in Geneva, Switzerland, June 16, 2021. AP / Patrick Semansky

The US Should Have Invited Russia to Join Its Counter-Ransomware Initiative

The Biden administration recently hosted a ransomware summit which excluded the Russian government. The United States should have done more to involve Russia in ransomware negotiations.

The new Counter-Ransomware Initiative, announced by President Joe Biden in the beginning of October, brings together thirty countries to strengthen cooperation against ransomware and tackle misuse of cryptocurrencies. Last week, the United States hosted a  virtual international meeting of the initiative that included European Union partners, members of the Quad, South Africa, Nigeria, Kenya, Republic of Korea, Singapore, United Arab Emirates, Ukraine, and others. 

One country that was not invited was Russia. But should it have been? 

From the United States’ perspective, the suggestion that Russia participate in the anti-ransomware group may seem counterintuitive. Senior U.S. officials called Russia a “safe haven” for cybercriminals, and Biden said his administration believed the hackers behind the notorious Colonial Pipeline ransomware attack were living in Russia.  

The Biden administration hoped to use the June 2021 Geneva summit between Biden and Vladimir Putin to address some of its concerns, such as the surge of ransomware attacks, through renewed engagement with Russia. Biden proposed that critical infrastructure should not be attacked and gave the Russian delegation a list of sixteen sectors defined as “critical.” He also urged Russia to take action against ransomware activities coming from its territory. Putin, in turn, reprehended the United States for not responding to Russian inquiries regarding cyberattacks. To address these issues, the presidents agreed to start expert consultations. 

To be sure, the two sides are far from being on the same page and achieving diplomatic progress will not be easy. Russian officials consistently dismiss U.S. accusations of any wrongdoing in cyberspace. But Russia has its own motivations for bilateral dialogue on cyber issues. Not least because it suffers from increased digital threats, too. Though Russia has faced far fewer ransomware cases, other types of cybercrime are on the rise. This fall, Russian financial organizations have been hit by a wave of major DDoS attacks, and Russian tech giant Yandex claimed it was hit by the largest recorded attack ever. Even more important, Moscow is eager to negotiate a broader range of cyber issues with Washington, including in the military domain. 

So far both sides have offered few details on the outcomes of bilateral cybersecurity consultations launched after the Geneva summit. Russian diplomats have signaled a willingness to talk about ransomware, although not exclusively. While FBI Deputy Director Paul Abbate said he saw “no indication” that Russia has gone after ransomware actors, Russian sources welcomed resumed information sharing with U.S. counterparts. A senior Biden administration official confirmed the United States was sharing information on ransomware activity with Russia and noted that Russian authorities had “taken initial steps.” 

Although the slow pace of bilateral diplomacy could make some in the United States skeptical about the Kremlin’s willingness to address ransomware and the benefits of further engagement, there are three reasons why inviting Russia to join the multilateral Counter-Ransomware Initiative is a worthy idea. 

First, Russia will have more incentives to cooperate on fighting ransomware if the new initiative is framed as a joint effort in the face of a common challenge rather than a U.S.-led coalition that considers Russia part of the problem. Explicit statements by Biden and his senior officials explicitly saying that they did not consider the Russian government responsible for the attack on Colonial Pipeline helped put cybersecurity at the top of the Geneva summit’s agenda. Because Biden seeks to ensure that Moscow subscribes to international standards on countering ransomware, it should share ownership of the process where such standards are elaborated. 

Second, Russian law enforcement could significantly contribute to the investigation and prosecution of ransomware attacks. Russia and the West have rarely worked together on policing cyberspace—and some past experiences have left Washington officials skeptical about assistance from Moscow. But a few cases show the potential for tangible results from cooperation. In 2004, for example, the Russian Ministry of Interior assisted the British National Hi-Tech Crime Unit in bringing to justice a gang that had extorted sports-betting websites in the United Kingdom, causing an estimated $3 million in damage. In 2010, Russia’s Federal Security Service, at the FBI’s request, arrested several individuals involved in the $9-million breach of the Royal Bank of Scotland. According to the Dutch Team High Tech Crime, the Netherlands provided Russia information in 2016 about cybercriminals, who were then arrested.   

Moreover, because the U.S. initiative seeks to go after ransomware financing, Russia’s long track record of cooperating with international partners to combat money laundering and the financing of terrorism will be relevant. Russia is a member of important multilateral mechanisms focused on these challenges, including the Financial Action Task Force and Council of Europe’s MONEYVAL. A 2019 evaluation of Russia’s measures in this field highlighted “excellent use” of its financial intelligence in investigations. In early 2021, the head of Rosfinmonitoring, Russia’s financial intelligence service, announced that it was developing a tool to track criminal cryptocurrency transactions. These capabilities could be put to good use in tracing proceeds from cybercrime. 

Third, targeted cooperation to counter ransomware could be beneficial to cyber diplomacy on a global scale. When it comes to all things cyber, Russia and the United States have been major norm entrepreneurs at the UN. Their positions often collide, but their agreement is crucial to moving the conversation forward. This year, an expert committee began work on drafting a new cybercrime convention, something long advocated by Russia to replace the 2001 Budapest Convention and, conversely, opposed by the United States and its allies. Nonetheless, both sides are represented in the committee and will have to deliver the document by September 2023. 

Having Russia join the collective effort on ransomware will not bridge all the differences. It will, however, shape a better understanding among participants of what is possible in practice and help build much-needed trust for future talks. 

This piece, first published by the Council on Foreign Relations, is used with permission.

NEXT STORY: How to Think About Colin Powell

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.