The college’s ordeal reflects the challenges the Biden administration faces in stamping out the threat — and its uneven progress in doing so since ransomware became an urgent national security problem last spring.
Ransomware attacks — in which hackers lock up victims’ data and demand exorbitant sums to return it — surfaced as a national security emergency for the administration after a May attack on Colonial Pipeline, which supplies nearly half the fuel consumed on the East Coast.
Biden met with Putin in June in Geneva, where he suggested critical infrastructure sectors should be “off limits” for ransomware and said the U.S. should know in six months to a year “whether we have a cybersecurity arrangement that begins to bring some order.”
“I think the ransomware folks, the ones conducting them, are stepping back like, ‘Hey, if we do that, that’s going to get the United States government coming after us offensively,’” Kevin Powers, security strategy adviser for cyber risk firm CyberSaint, said of attacks against critical infrastructure.
It’s unclear what Russia will do with those names, though Kremlin spokesman Dmitry Peskov insisted the countries have been having a useful dialogue and said “a working mechanism has been established and is actually functioning.”
It’s also hard to measure the impact of individual arrests on the overall threat. Even as the suspected ransomware hacker awaits extradition to the U.S. following his arrest in Poland, another who was indicted by federal prosecutors was later reported by a British tabloid to be living comfortably in Russia and driving luxury cars.
“It could have just been a fluke,” said Dmitri Alperovitch, former chief technology officer of the cybersecurity firm Crowdstrike. He said asking Russia to crack down on large-scale attacks won’t work because “it’s way too granular of a request to calibrate criminal activity they don’t even fully control.”
It’s hard to quantify the number of attacks given the lack of baseline information and uneven reporting from victims, though the absence of disruptive incidents is an important marker for a White House trying to focus its attention on the most significant national security risks and catastrophic breaches.
Victims of ransomware attacks in the past few months have included hospitals, small businesses, colleges like Howard University — which briefly took many of its systems offline after discovering a September attack — and Virginia’s legislature.
A ransom note from hackers demanded a payment, though Trzaska declined to reveal the sum or identify the culprits. Though many attacks come from hackers in Russia or Eastern Europe, some originate elsewhere.