REvil Bust: Is Russian Cybercrime Crackdown Just A Decoy From Ukraine?

This weekend’s unprecedented operation to dismantle the cybercriminal REvil network in Russia was carried out at the request of, and on information from, Washington. That it occurred just as the two countries face off over the Russian threat to invade Ukraine raises more questions than it answers.

Kyiv blamed Russia for another cyber-attack that knocked out key Ukrainian government websites last week

Cameron Manley

The world’s attention was gripped last week by the rising risk of war at the Russia-Ukraine border, and what some have called the worst breakdown in relations between Moscow and Washington since the end of the Cold War. Yet by the end of the week, another major story was unfolding more quietly across Russia that may shed light on the high-stakes geopolitical maneuvering.

By Friday night, Russian security forces had raided 25 addresses in St. Petersburg, Moscow and several other regions south of the capital in an operation to dismantle the notorious REvil group, accused of some of the worst cyberattacks in recent years to hit targets in the U.S. and elsewhere in the West.

And by Saturday, Russian online media outlet Interfax was reporting that the FSB, Russia's intelligence service, had revealed that it was in fact the U.S. authorities who had informed Russia “about the leaders of the criminal community and their involvement in attacks on the information resources of foreign high-tech companies.”


The Russian authorities’ seizure of more than $5 million in U.S. currency, euros, bitcoin and roubles, as well as computer equipment and 20 luxury cars, was initiated at the request of, and on information coming directly from, Washington.

What does it mean that this development came just on the heels of the breakdown in talks between Presidents Joe Biden and Vladimir Putin? Is the timing mere coincidence or was Moscow sending a veiled message with this unlikely cooperation? What should we know about the importance of cybersecurity as both an international priority and a potential bargaining chip?


REvil is not new to the international scene, though it dropped off the radar after Habr reported in July of last year that the group had carried out a cyber-attack on U.S. tech firm Kaseya, the consequences of which ricocheted around the world, impacting some 1,500 businesses in at least 17 countries.

The FBI also blamed REvil for the attack on JBS USA, a major global meat supplier, with JBS ultimately paying the hackers a hefty $11 million ransom. The ransom demand, according to the US authorities at the time, "came from a criminal organization, probably based in Russia." Ransomware made by REvil was also likely to have been used in the hacking of the U.S. Colonial Pipeline system, the company added, which led to widespread gas shortages on the East Coast of the United States.

Talks between Biden and Putin in prior months have touched on the topic of cybersecurity, with the former accusing his Russian counterpart of doing little to address the problem within his own borders. He called on Putin to take all necessary measures to stem these issues following the attack last July; otherwise, the U.S. would be prepared to shoulder the responsibility itself.

Combatting hackers and cybercrime

So what should we make of the operations this past weekend? Was it a sign that Moscow is ready to crack down on cybercriminals inside Russia? Or is its decision to act now linked to the showdown over NATO and the Ukraine border? The BBC Russian Service also reports Washington’s concern that REvil may in fact be linked to the Russian government itself, asking whether these actions represent nothing more than a move on the part of the Kremlin to cover its own back.

One anonymous U.S. official quoted by the AFP news agency, nonetheless, praised the arrests, saying: “I don’t speak for the Kremlin’s motives, but we’re pleased with these initial actions.”

The hope among Western law enforcement officials is that the move is ultimately not linked to the current geopolitical standoff, and that Russia has simply taken a decisive first step towards a full-scale crackdown on the other ransomware groups operating within its borders.

The arrests constitute an unprecedented public acknowledgment of the existence of cyber-attackers within Russia, also sending a strong message to other Russian hackers that the party is well and truly over.

Yet there is the risk that the operation is ultimately a decoy in the larger battle brewing with the West. The timing, following the failed Biden-Putin negotiations, seems aimed at reminding Washington that such potential cooperation would cease if the United States and its allies impose new harsher sanctions in the event of a Russian invasion of Ukraine.

Combating hackers and cybercrime is crucial for both international security and commerce, and Moscow stands in the middle of it. Indeed, on Sunday, Kyiv blamed Russia for another cyber-attack that knocked out key Ukrainian government websites last week.

In strategic terms, the dismantling of REvil was carrot and stick all at once.
