France and allies call on Russia to help arrest cybercriminals

The G7 calls on Russia to cooperate in investigations against those responsible for the ransomware. Can this press release be followed by action?

It could be a turning point for the world of cybercrime. On the occasion of a summit held in Cornwell between June 11 and 13, 2021, members of the G7 – France, United States, Canada, United Kingdom, Germany, Italy and Japan – addressed for the first time the issue of ransomware.

We call on all States to urgently identify and disrupt ransomware criminal networks operating within their borders, and to hold these networks accountable for their actions. “, They declared in their press release, relayed by Vice.

If the group of 7 mentions ” all states “At first, it appears a little later which country is at the center of this reasoning:” More specifically we call Russia […] to identify, interrupt and hold accountable those who launch ransomware attacks from within its borders, abuse virtual currencies to launder ransoms, and other cybercrimes “.

Many cybercriminals take advantage of Russian laissez-faire. // Source: Louise Audry for Numerama

For the moment the G7 press release stands at a declaration, which no concrete measure accompanies. But as The Register suggests, if this change in the diplomatic posture of Western states resulted in agreements on extraditing cybercriminals, it would be a big step in the fight against ransomware.

A prologue to the Biden / Putin meeting

This statement comes ahead of a long-awaited discussion between Joe Biden and Vladimir Putin. As soon as he took office, the American president had to confront Russia on the Solarwinds affair, led according to the White House by a branch of Russian intelligence – which denies any involvement on his side.

More recently, the federal government intervened directly in the ransomware attacks against the oil pipeline operator Colonial Pipeline and the food giant JBS. In either case, Biden publicly called on Russia to cooperate, as the two gangs involved, Darkside and REvil, are said to be operating from his territory. Darkside has been dismantled without it being known exactly if the Russian authorities played a role, while REvil is being pursued more seriously than ever by the American authorities.

To support these public positions, the United States launched a ransomware program, and the Biden government has made combating cyber attacks a central part of its policy, where its predecessor swept aside the risks. .

Russian laissez-faire denounced once again

Russia is singled out by the G7 for its laissez-faire attitude towards cybercriminals. Specifically, it follows an unofficial rule: if cybercriminals spare the Russian systems and those of its allies (the former Soviet states), then the Russian authorities will ignore them. As a result, a lot of malware is squarely coded to spare Russian systems and those of its allies. Another result: most of the malware developers appear to be domiciled in Eastern Europe.

This implicit rule plays into the hands of Putin’s power: cybercriminals destabilize Western countries, without engaging the responsibility of the state. In return, Russia does not participate in international efforts to stop them. This does not mean that Moscow is sponsoring ransomware, but simply that it tolerates their operators in its territory.

So far, the Russian authorities have refrained from commenting on this policy, and they are content to deny any involvement in the attacks. According to The Register, Vladimir Poutine would be open to the idea of ​​accepting the extradition of possible cybercriminals from his territory on the condition of obtaining certain assurances of which we do not know the details. The next negotiations could be decisive in the fight against cybercrime.

Related Articles