On Jan. 14, 2022, the FSB, Russia’s domestic intelligence service, announced that it had broken up the notorious Russia-based REvil ransomware criminal organization. The FSB said the actions were taken in response to a request from U.S. authorities. The move marks a dramatic shift in Russia’s response to criminal cyberattacks launched against U.S. targets from within Russia, and comes at a time of heightened tensions between the two countries.
U.S. policy and actions in response to cyberattacks connected to Russia have changed distinctly since the Biden administration took office. President Joe Biden has openly confronted Russian President Vladimir Putin on his responsibility regarding international cyberattacks, and the Biden administration has taken unprecedented steps to impose costs on Russian cyber criminals and frustrate their efforts.
Upon taking office, Biden immediately faced difficult challenges from Russian intelligence operatives and criminals in headline-grabbing cyberattacks on private companies and critical infrastructure. As a scholar of Russian cyber operations, I see that the administration has made significant progress in responding to Russian cyber aggression, but I also have clear expectations about what national cyber defense can and can’t do.
Software supply chain compromise
The SolarWinds hack carried out in 2020 was a successful attack on the global software supply chain. The hackers used the access they gained to thousands of computers to spy on nine U.S. federal agencies and about 100 private-sector companies. U.S. security agencies said that a sophisticated hacking group, “likely Russian in origin,” was responsible for the intelligence-gathering effort.
The SolarWinds hack explained.
On Feb. 4, 2021, Biden addressed Putin in a statement delivered at the State Department. Biden said that the days of the U.S. rolling over in the face of Russian cyberattacks and interference in U.S. elections “are over.”
Biden vowed to “not hesitate to raise the cost on Russia.” The U.S. government had not previously issued indictments or imposed sanctions for cyber espionage, in part out of concerns that they could result in reciprocal actions by Moscow against NSA and CIA hackers. Nevertheless, the U.S. Treasury Department issued sanctions against the Russian Foreign Intelligence Service, the SVR, on April 15, 2021.
Biden also signed an executive order to modernize federal government cybersecurity. He directed agencies to deploy systems that detect cyber incursions, like the one that spotted SolarWinds activity at Palo Alto Networks. In parallel, his security agencies published tools and techniques used by the SVR and ransomware gangs to help organizations defend against them.
Economic sanctions and technical barriers, however, did not slow SVR efforts to gather intelligence on U.S. foreign policy. In May 2021, Microsoft revealed that hackers associated with Russia exploited the mass-mailing service Constant Contact. By masquerading as the U.S. Agency for International Development, they sent authentic-looking emails with links to more than 150 organizations, which, when clicked, inserted a malicious file that allowed computer access.
Also in May, the shutdown of the Colonial Pipeline by a ransomware attack by the Russian cyber gang DarkSide halted the flow of nearly half the gas and jet fuel to the Eastern Seaboard. Panicked drivers rushed to fill up tanks while prices soared. A month later, consumers scrambled to find meat alternatives after REvil infected beef and pork processer JBS USA with ransomware.
Ransomware attacks explained.
Biden said Russia has “some responsibility to deal with this.” At a summit in Geneva in June, he handed Putin a list of off-limits critical infrastructure that would merit a U.S. response if attacked. It is likely that Russian intelligence services and law enforcement have a tacit understanding with cybercriminals and can shut down their resources.
Though not counting on Putin to exert influence, the White House formed a ransomware task force to go on the offense against the gangs. The first step was using a counterterrorism program to offer rewards of up to US$10 million for information on hackers behind state-sanctioned breaches of critical infrastructure.
In close collaboration with international partners, the Justice Department announced the arrest of a Ukrainian national in Poland, charged with the REvil ransomware attack against Kaseya, an information technology software supplier. The Justice Department also seized $6.1 million in cryptocurrency from another REvil operator. Romanian authorities arrested two others involved in REvil attacks.
U.S. law enforcement seized $2.3 million paid in ransom to DarkSide by Colonial Pipeline by using a private key to unlock bitcoin. And the Treasury Department disrupted the virtual currency exchanges SUEX and Chatex for laundering the proceeds of ransomware. Treasury Department sanctions blocked all of their property in the U.S. and prohibited U.S. citizens from conducting transactions with them.
Additionally, the top U.S. cyberwarrior, Gen. Paul Nakasone, acknowledged for the first time in public that the U.S. military had taken offensive action against ransomware groups. In October, U.S. Cyber Command blocked the REvil website by redirecting traffic, which prevented the group from extorting victims. After REvil realized its server was compromised, it ceased operations.
Limits of US responses
Russia conducts or condones cyberattacks by state and criminal groups that take advantage of gaps in international law and avoid crossing national security lines. In October, the SVR stepped up attempts to break into technology companies to steal sensitive information. U.S. officials considered the operation to be routine spying. The reality that international law does not prohibit espionage per se prevents U.S. responses that could serve as strong deterrents.
Similarly, after cyber gang BlackMatter carried out a ransomwware attack on an Iowa farm cooperative in September, the gang claimed that the cooperative did not count as critical infrastructure. The gang’s claim refers to cyberattack targets that would prompt a national response from the U.S. government.
Despite this ambiguity, the administration has unleashed the military to frustrate the efforts of ransomware groups, while law enforcement agencies have gone after their leaders and their money, and organizations in the U.S. have shored up their information systems defenses.
Though government-controlled hackers might persist, and criminal groups might disappear, rebuild and rebrand, in my view the high costs imposed by the Biden administration could hinder their success. Nevertheless, it’s important to bear in mind that national cyber defense is an extremely challenging problem and it’s unlikely that the U.S. will be able to eliminate the threat.
Wyandotte County resident Connie Brown Collins says new congressional boundaries passed by the state Senate appear to “literally cut through backyards” of several diverse communities.
Republicans in the Legislature have fast-tracked an effort to redraw congressional districts in a way that would divide the Kansas City metro area along Interstate 70.
As a result, Brown Collins said during a news conference Monday at the Statehouse, 39,000 Latino residents and 30,000 Black residents would be relocated from the 3rd District, the only one in Kansas currently represented by a Democrat, and into the 2nd District. This “population shuffle,” Brown Collins said, will decrease the voting power of a majority-minority vote.
“If legislators think we in Wyandotte County are snoozing through this travesty, that we are not aware or we do not care, think again,” Brown Collins said. “You have awakened a sleeping lion.”
Kansans for Fair Maps, a coalition of advocacy groups, organized the news conference to elevate the voices of residents in the Kansas City metro area who are upset about the proposed new map. They spoke in front of the Brown v. Board mural on the third floor, a tribute to the landmark civil rights case that ended segregation in public schools.
Senate and House redistricting panels introduced the Ad Astra map favored by Republicans during a hearing last week and heard overwhelming opposition in testimony. The Senate panel proceeded to pass a version of the map that corrected the oversight of splitting the Kickapoo Indian reservation between districts. On Friday, the full Senate endorsed Ad Astra 2.
The House panel held additional hearings Monday.
“The House process is still ongoing. It has been fair, deliberate and transparent,” the House Republican leadership said in a statement for this story. ” We look forward to seeing the results of the committee’s work.”
Under current lines drawn by courts a decade ago, the 3rd District currently includes the Kansas City metro area that sprawls across Wyandotte and Johnson county. U.S. Rep. Sharice Davids, a Democrat, American Indian, and the first openly LGBTQ member of Congress from Kansas, won election there in 2018 and retained the seat in 2020.
Republicans redrew her district to eliminate Democrats’ votes in the northern half of Wyandotte County and move Republican strongholds from Anderson, Miami and Franklin counties into the district.
“The way this map is drawn really diminishes her chance of being reelected,” said Tom Witt, of Equality Kansas. “The voters chose her, and they chose her twice. And now Senate leadership is trying to choose different voters for her. I don’t know how the rest of you grew up, but I grew up in America where democracy matters.”
Thomas Alonzo said he has lived in Wyandotte County his entire life, except for when he served in the military. He said his Kansas City, Kansas, community’s interests are deeply tied to their neighbors to the south.
The Ad Astra map “demonstrates a lack of competent, moral and ethical leadership,” Alonzo said.
“There is nothing democratic or patriotic about deliberately cutting up a district to prevent its voters from having the ability to select individuals to represent us that will protect our interests,” Alonzo said.
Liz Meitl lives in Johnson County and works for the Kansas City, Kansas, public school district in Wyandotte County. She said there are thousands of others who work in one county and live in the other. Their lives are interconnected, she said.
“When you divide us by congressional districts, you are creating schisms, unnatural schisms that both perpetuate racist and systemic institutionalized inequalities and perpetuate a system in which the elites disenfranchise voters,” Meitl said.
Senate Republican leaders have dismissed concerns about the way the map affects the voting power of Democrats and communities of color. The map also moves heavily Democratic Lawrence from the 2nd District to the rural 1st District.
Senate President Ty Masterson, R-Andover, said all four members of congress would retain their seats based on 2020 election results, although Witt said that claim hasn’t been verified since underlying data was made available late Thursday.
“On balance,” Senate Republicans said in explaining their vote, “this map will serve the state well for the next decade.”
Kansas Reflector is part of States Newsroom, a network of news bureaus supported by grants and a coalition of donors as a 501c(3) public charity. Kansas Reflector maintains editorial independence. Contact Editor Sherman Smith for questions: firstname.lastname@example.org. Follow Kansas Reflector on Facebook and Twitter.
Newt Gingrich complaint came 1 day before deadline for his longtime aide to comply with Jan. 6 committee: report
Former House Speaker Newt Gingrich (R-GA) blasted Congress one day before a longtime aide was required to turn over documents to the House Select Committee to Investigate the Jan. 6 Attack on the U.S. Capitol.
"Former House Speaker Newt Gingrich's controversial weekend comment that the House January 6 Committee investigators could face jail time themselves if Republicans take over Congress came about two weeks after the panel subpoenaed his longtime former aide who also co-authored a book with him," Business Insider reported Tuesday.
The select committee gave Ross Worthington until Jan. 24 to turn over documents and scheduled him for a Feb. 2 deposition.
Gingrich and Worthington co-wrote the book, Breakout : Pioneers of the Future, Prison Guards of the Past, and the Epic Battle That Will Decide America's Fate.
"Worthington served as a research director and lead writer for the media and communications firm Gingrich Productions before joining Trump's transition team that helped him prep for the White House in late 2016 and early 2017," Business Insider reported, noting Worthington had previously served as deputy communications direction for Gingrich's unsuccessful 2012 presidential campaign."
Read the full report.
Ross Worthington is tremendous writer and policy developer who has been big part of Gingrich Productions.He will be great in the White House— Newt Gingrich (@Newt Gingrich) 1483654571
IN OTHER NEWS: Jen Psaki reminds Peter Doocy of Trump's Twitter tantrums after he whines about 'hashtag' diplomacy
Jen Psaki reminds Peter Doocy of Trump's Twitter tantrums after he whines about 'hashtag' diplomacy www.youtube.com