Last month, Mr Biden used the summit meeting with Mr Putin to argue that ransomware is emerging as an even bigger threat, causing the kind of economic disruption that no state could tolerate. In particular, Mr Biden cited the disruption of gasoline flow on the east coast following an attack on the Colonial Pipeline in June, as well as the shutdowns of large meat processing plants and previous ransomware attacks that crippled hospitals.
The issue has become so urgent that it has begun shifting negotiations between Washington and Moscow and bringing digital weapons control to a level of urgency previously seen primarily in negotiations on nuclear arms control. On Tuesday, White House press secretary Jen Psaki said American officials will meet with Russian officials next week to discuss ransomware attacks – a dialogue the two leaders agreed at their summit in Geneva.
On Saturday when the attacks were underway, Putin gave a speech introducing Russia’s latest national security strategy, which outlines measures to respond to foreign influence. The document claimed that Russian “traditional spiritual, moral and cultural-historical values are actively attacked by the US and its allies”.
While the strategy reaffirmed Moscow’s commitment to diplomatic conflict resolution, it stressed that Russia “considers it legitimate to take symmetrical and asymmetrical measures” to prevent “unfriendly actions” by foreign states.
July 6, 2021, 8:19 p.m. ET
The remarks, cybersecurity experts said, were Putin’s response to the summit with Mr Biden.
“Biden did a good job setting a marker, but if you’re a thug the first thing you test for is that red line,” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington. “And that’s what we see here.”
Mr. Lewis added that “low penalties” like sanctions had been exhausted. “The White House will have to take more aggressive action, be it in cyberspace or a more painful legal or financial maneuver,” he said.
Stricter measures have long been discussed and occasionally applied. When Russian intelligence agencies injected malicious code into the American power grid in recent years – where it is suspected to this day – the United States in turn injected code into the Russian network and ensured that it was viewed as a deterrent. Before the 2020 elections, the US Cyber Command shut down the servers of a major Russian cybercrime to prevent the voting infrastructure from being blocked.