Accessibility links

Breaking News

U.S. Welcomes Russia's Arrest Of Alleged Hackers, Including Suspect In Pipeline Ransomware Attack

Updated

According to the U.S. Treasury Department, ransomware payments in the United States so far have reached $590 million in the first half of 2021, compared to a total of $416 million in 2020.
According to the U.S. Treasury Department, ransomware payments in the United States so far have reached $590 million in the first half of 2021, compared to a total of $416 million in 2020.

WASHINGTON -- The United States has welcomed Russia’s move to arrest alleged members of a notorious hacking group, including the individual suspected of being behind last year's ransomware attack on a U.S. pipeline operator.

“We're pleased with these initial actions,” a senior administration official said on January 14, adding the United States expects Russia to prosecute the alleged hackers.

Russia's Federal Security Service (FSB) earlier in the day announced it had arrested 14 suspected members of Sodinokivi/REvil at the request of the United States.

The suspects were apprehended in Moscow, St. Petersburg, as well as other regions through a joint investigation by the FSB and the Interior Ministry.

One of the individuals arrested is alleged to have been behind the May ransomware attack against Colonial Pipeline, the senior U.S. administration official said.

The ransomware attack forced the company to preemptively shut down its pipeline, which stretches from Texas to New Jersey and delivers nearly half of the transport fuels for the Atlantic Coast, causing a temporary fuel shortage.

It helped propel cybersecurity to the top of the agenda of the summit a month later between U.S. President Joe Biden and Russian President Vladimir Putin in Geneva.

During the summit, Biden called on Putin to go after cybercriminals operating from inside Russia who target businesses around the world, especially in the United States, through ransomware attacks.

Russia-based hackers are believed to be behind a significant proportion of global ransomware attacks. However, the Kremlin has historically turned a blind eye to their activities as long as they don’t target domestic companies and individuals, experts say.

Biden and Putin agreed in June to set up a working group on cybersecurity.

The senior administration official said the United States has given Russia information on the alleged hackers through that working group channel.

Among the 14 individuals detained by the FSB were two hackers alleged to have been behind July’s ransomware attack on the Florida-based software firm Kaseya. That attack affected businesses around the world and may have prompted a call days later between Biden and Putin.

A Moscow court on January 14 moved to arrest the two alleged Kaseya hackers, Andrei Bessonov and Roman Muromsky, and hold them in pretrial detention.

Both Muromsky and Bessonov have been charged with the illegal use of currencies and placed in custody until March 13, according to a court spokesperson.

Overall, the FSB raided more than 25 locations tied to the 14 suspects and netted more than $5.6 million, including cryptocurrencies, as well as luxury cars and computer equipment.

  • 16x9 Image

    RFE/RL

    RFE/RL journalists report the news in 27 languages in 23 countries where a free press is banned by the government or not fully established. We provide what many people cannot get locally: uncensored news, responsible discussion, and open debate.

RFE/RL has been declared an "undesirable organization" by the Russian government.

If you are in Russia or the Russia-controlled parts of Ukraine and hold a Russian passport or are a stateless person residing permanently in Russia or the Russia-controlled parts of Ukraine, please note that you could face fines or imprisonment for sharing, liking, commenting on, or saving our content, or for contacting us.

To find out more, click here.

XS
SM
MD
LG