Why the United States should have invited Russia to join the anti-ransomware initiative
The new initiative against ransomware, announcement by President Joe Biden in early October, brings together around thirty countries to strengthen cooperation against ransomware and fight against the misuse of cryptocurrencies. Last week, the United States hosted a virtual international meeting of the initiative which included partners from the European Union, Quad members, South Africa, Nigeria, Kenya, Republic of Korea, Singapore, United Arab Emirates, Ukraine and others .
One country that was not invited was Russia. But should he have been?
Diplomacy and international institutions
From a US perspective, the suggestion that Russia is part of the anti-ransomware group may seem counterintuitive. Senior American officials called Russia a ‘safe haven’ for cybercriminals, and Biden noted his administration believed that the hackers behind the notorious Colonial Pipeline ransomware attack lived in Russia.
The Biden administration hoped to use the June 2021 Geneva summit between Biden and Vladimir Putin to address some of its concerns, such as the upsurge in ransomware attacks, through renewed engagement with Russia. Biden offers that critical infrastructures must not be attacked and given the Russian delegation a list of sixteen sectors defined as “critical”. He also urged Russia to take action against ransomware activity originating in its territory. Putin, in turn, reprimand the United States for failing to respond to Russian inquiries about cyber attacks. To resolve these issues, the Chairs agreed to launch expert consultations.
Admittedly, the two parties are far from being on the same wavelength and achieving diplomatic advances will not be easy. Russian officials consistently reject US accusations of any wrongdoing in cyberspace. But Russia has its own motivations for a bilateral dialogue on cyber issues. Notably because it also suffers from an increase in digital threats. Although Russia has faced far fewer cases of ransomware, other types of cybercrime are on the rise. This fall, Russian financial institutions were hit by a wave of major DDoS attacks, and the Russian tech giant Yandex claims he was hit by the biggest attack on record. More importantly, Moscow is keen to negotiate a wider range of cyber issues with Washington, including in the military realm.
So far, the two sides have provided few details on the outcome of the bilateral cybersecurity consultations launched after the Geneva summit. Russian diplomats have signaled their willingness to talk about ransomware, but not exclusively. While FBI Deputy Director Paul Abbate noted he saw “no indication” that Russia is targeting ransomware actors, Russian sources say welcomed resumption of information sharing with its American counterparts. A senior official in the Biden administration confirmed the United States was sharing information about ransomware activity with Russia and noted that Russian authorities had “taken the first steps.”
While the slowness of bilateral diplomacy may make some in the United States skeptical of the Kremlin’s willingness to fight ransomware and the benefits of deeper engagement, there are three reasons why invite Russia to join. ‘The Multilateral Ransomware Initiative is a laudable idea.
Diplomacy and international institutions
First, Russia will have a greater incentive to cooperate in the fight against ransomware if the new initiative is designed as a joint effort in the face of a common challenge rather than a US-led coalition that sees Russia as part of the problem. . Explicit statements by Biden and his senior officials explicitly saying that they did not see the Russian government responsible for the attack on the colonial pipeline helped put cybersecurity high on the Geneva summit’s agenda. Because Biden seeks to ensure that Moscow subscribes to international anti-ransomware standards, he should share ownership of the process of developing those standards.
Second, Russian law enforcement could make a significant contribution to the investigation and prosecution of ransomware attacks. Russia and the West have rarely worked together on policing cyberspace – and some past experiences have left Washington officials skeptical of Moscow’s aid. But a few cases show the potential for tangible results of cooperation. In 2004, for example, the Russian Home Office assisted the British National Hi-Tech Crime Unit by bringing to justice a gang that extorted sports betting sites in the UK, causing damage estimated at $ 3 million. In 2010, the Federal Security Service of Russia, at the request of the FBI, stopped several people involved in the $ 9 million Royal Bank of Scotland breach. According to to the Dutch Team High Tech Crime, the Netherlands provided Russia in 2016 with information on cybercriminals, who were subsequently arrested.
Additionally, given that the US initiative aims to tackle ransomware financing, Russia’s long experience of working with international partners to combat money laundering and terrorist financing will be relevant. Russia is a member of important multilateral mechanisms focused on these challenges, including the Council of Europe’s Financial Action Task Force and MONEYVAL. A 2019 assessment of Russia’s measures in this area Underline “Excellent use” of financial intelligence in investigations. In early 2021, the head of Rosfinmonitoring, the Russian financial intelligence service, announcement that he was developing a tool to track criminal cryptocurrency transactions. These capabilities could be put to good use in tracking the proceeds of cybercrime.
Third, targeted cooperation to fight ransomware could benefit cyber diplomacy globally. When it comes to everything cyber-related, Russia and the United States have been the main contractors of the standard at the UN. Their positions often clash, but their agreement is crucial in moving the conversation forward. This year, a committee of experts began work on drafting a new convention on cybercrime, something Russia has long advocated to replace the 2001 Budapest Convention and, conversely, to which s ‘oppose the United States and its allies. Nevertheless, both sides are represented on the committee and must deliver the document by September 2023.
The fact that Russia is joining the collective effort on ransomware will not bridge all the differences. However, this will help to give participants a better understanding of what is possible in practice and help build the confidence that is essential for future discussions.