WASHINGTON (AP) - President Joe Biden told Russian President Vladimir Putin in a Friday phone call that he must "take action" against cybercriminals acting in his country and that the U.S. reserves the right to "defend its people and its critical infrastructure," the White House said.
The conversation came less than a month after the two leaders met in Geneva, when Biden warned against continuing cyberattacks emanating from Russia. A new ransomware attack linked to the REvil hacking group based in Russia caused widespread disruption last weekend, affecting as many as 1,500 businesses.
The White House said "President Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware.
"President Biden reiterated that the United States will take any necessary action to defend its people and its critical infrastructure in the face of this continuing challenge," the White House added.
Friday's call underscored the extent to which the ransomware threat from criminal hacker gangs has mushroomed into an urgent national security challenge for the White House, and it suggested a possible concession by the administration that earlier warnings to Putin had failed to curb a criminal activity that has taken aim at businesses across the globe.
The White House statement announcing the hourlong call with Putin highlighted a U.S.-Russian agreement that will allow humanitarian aid to flow into Syria. The dual prongs of the agenda show how even as Biden pledges to get tough on Russia over hacking, there's an inherent desire to avoid aggravating tensions as the administration looks for Russia to cooperate, or at least not interfere, with U.S. actions in other areas, including Syria, the Afghanistan withdrawal and climate change.
The White House declined to discuss the tone of Biden's call, though press secretary Jen Psaki said it did focus significantly on the latest breach, which cybersecurity researchers have said infected victims in at least 17 countries, largely through firms that remotely manage IT infrastructure for multiple customers.
Though Biden had previously said the attack had caused "minimal damage," and it did not appear to target vital infrastructure, the sheer global scale and the fact that it occurred so soon after the Geneva meeting put immediate pressure on the administration to have some sort of response.
Officials did not immediately announce any specific actions they were taking or would consider taking. There are few easy options to resolve the threat without risking a conflict that could spiral out of control beyond the cybersecurity realm.
The Biden administration took office on the heels of a massive cyberespionage campaign known as SolarWinds that U.S. officials have linked to Russian intelligence operatives. But ransomware attacks, perpetrated generally by criminal hacker gangs rather than state-sponsored hackers, appear to have eclipsed old-fashioned spying as a potent threat.
A May attack on a pipeline that supplies roughly half the fuel consumed on the East Coast caused the company to temporarily halt operations. Colonial Pipeline paid roughly $4.4 million in ransom, although U.S. authorities were able to claw back a large portion of that sum in a law enforcement operation last month.
Hackers also recently extorted an $11 million ransom payment from JBS SA, the world's largest meat processor.