The Russian government actively harbors hackers and ransomware extortionists operating from inside the country, the US Justice Department’s top national security official said Wednesday as the two countries’ leaders held talks in Geneva.
“There is a lot of ransomware activity that is coming from Russian borders, which isn’t being conducted by Russian government officials, but is being tolerated by the Russian government,” Assistant Attorney General John Demers told a conference held by the Cyberscoop media group.
Demers said sometimes Russian government actors “moonlight” as criminals.
“But what we’re seeing predominantly is criminal actors who are lending their tools and talents to the government, and being allowed to do a lot of the activity that we’re seeing today,” he said.
“They’re not just tolerating this; they are actively getting in the way of US law enforcement efforts to combat this type of hacking,” he said.
Demers made the allegation just as US President Joe Biden was meeting in a Geneva summit with Russian President Vladimir Putin, where hacking by Russians had been expected to figure significantly in talks.
Russia-based hackers were allegedly behind the recent ransomware attack on a major US oil distribution network, Colonial Pipeline, that forced the shutdown of fuel deliveries to much of the eastern part of the US for several days.
Another recent attack also blamed on Russia-based hackers shut down the computers of JBS, one of the world’s largest meatpackers.
Ransomware groups largely based in Russia and Eastern Europe have extorted hundreds of millions of dollars from mostly western companies, governmental bodies, and other organizations in recent years.
“Crime is hard enough to solve when the governments are doing everything they can to solve it,” Demers said.
“When they are actively more than tolerating it, actually using it to their own advantage, that becomes exceedingly difficult to deal with.”