Russian ransomware removal: political concessions or political theaters?




News Analysis Last year, when President Joe Biden took office, ransomware was at the top of the list of issues to address regarding Russia. And there is a good reason. For years, the US government has accused the Kremlin of allowing ransomware hackers to operate exempt from liability in Russia. The result is a massive attack on Colonial Pipeline, IT developers Kaseya, SolarWinds, and global food supplier JBS. So it was a pleasant surprise to many observers when the Russian FSB’s domestic intelligence agency announced on January 14 that it had arrested and dismantled REvil, one of the country’s most prominent ransomware groups. The FSB said it did so at the request of the Biden administration, which said it “welcomes” news and credit diplomacy between the two countries. However, the timing of Russia’s removal has embarrassed cybersecurity experts. Why now …