At a glance.
- Privateering, sovereignty, and international norms.
- The Putin-Biden summit: a Russian view.
- The US works to organize a response to ransomware.
An essay against privateering.
The Atlantic Council argues that Moscow could and should curtail cyberattacks on the US, but “benefits politically from the chaos.” One of the Kremlin’s geopolitical goals is to “diminish democracy and sow civil discord” in rival Western states. While Russia has the ability to interrupt or discourage home-grown campaigns through arrests and seizures, instead the government encourages, protects, and works with threat actors—despite Moscow’s sign-on to a UN resolution backing host countries’ responsibility for criminal cyber behavior. Under the UN resolution’s norms, countries “should not knowingly allow their territory to be used for internationally wrongful [cyber] acts,” or “use proxies” to conduct unlawful acts. (This is analogous to nations’ undertakings to prevent their territory to be used by brigands, pirates, or insurrectionaries. Controlling your physical space is a traditional attribute of sovereignty; the same ought to apply to cyberspace.)
A Russian view of the upcoming Biden-Putin summit.
The approaching Washington-Moscow talks, scheduled for June 16, will cover “cybercrime and cybersecurity challenges,” TASS is authorized to declare. Kremlin Spokesman Dmitry Peskov commented, “Things will change when full-scale cooperation in the cyber field kicks off, the cooperation that President Putin called for. However, it is too early to talk about this kind of cooperation.” The leaders’ first in-person get-together will also examine Covid-19, regional disputes, and “strategic stability matters.”
The US seeks to organize a response to ransomware.
According to Commerce Secretary Gina Raimondo, President Biden is weighing "all of the options” for addressing ransomware, up to and including military retaliation, Reuters reports. The private sector, Energy Secretary Jennifer Granholm added, needs to stop compensating threat actors and start notifying the Government when attacked.
Ransomware has become a top priority for the Biden Administration, ABC News notes, despite “numerous technological, legal and diplomatic hurdles.” In addition to rebuking President Putin next week, President Biden has committed to strengthening defenses, prosecutorial efforts, and political alliances.
Some are calling for counter-attacks on gangs’ infrastructure and a whole-of-government technical analog to the “war on terror,” which effectively disrupted al-Qaida’s capacities without touching Ayman al-Zawahiri. NSA Director Paul Nakasone predicted the Government will be “bringing the weight of our nation” down on ransomware infrastructure, while Senator Angus King (Independent of Maine) remarked that ransomware will be “front and center” in Congress over the next several weeks.
Forbes reports former CyberCom official Brett Williams’ opinion that the US should “go after the attackers who have a strategic impact on our country,” regardless of their apparent status as either APTs or private citizens.