Biden warns Putin during call that 'we expect him to act' on Russian ransomware attacks
By Maegan Vazquez, CNN
(CNN) -- President Joe Biden urged Russian President Vladimir Putin to take action to disrupt criminal ransomware groups in Russia on a call Friday morning -- their first publicized discussion since a summit in Geneva last month.
Following an executive order signing at the White House on Friday afternoon, Biden indicated he and Putin have established a more direct means of communication. He also underscored that Putin will need to act on ransomware operations that take originate from Russian actors.
"I made it very clear to him that the United States expects when a ransomware operation is coming from his soil -- even though it's not sponsored by the state -- we expect him to act. And we've given him enough information to act on who that is," Biden said.
He continued, "We've set up a means of communications now, on a regular basis, to be able to communicate to one another when each of us thinks something's happening in the other country. It affects the home country. And so it went well. I'm optimistic."
Asked if there will be consequences for Russia, Biden said, "Yes."
The White House similarly relayed in an earlier statement that during the call, "Biden underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware."
"President Biden reiterated that the United States will take any necessary action to defend its people and its critical infrastructure in the face of this continuing challenge," the statement continued.
White House press secretary Jen Psaki elaborated during Friday's press briefing that Biden "reiterated his expectation that President Putin take action, even if it is not directed by the Russian government, if it is because of criminal actors in his own country." The call lasted about an hour, she said.
"This is the first time -- even though ransomware attacks have been increasing over the past 18 months, if not longer -- that there has been this level of engagement at this level. And certainly the President knew, even when they met in Geneva, that there would be a need for ongoing discussions and engagements," Psaki said.
She added that Biden has "always believed this was going to need to be an ongoing diplomatic engagement with the Russians," adding, "We've had expert level talks, we've had those talks focused on cyber, focused on ransomware, but he also understands that there's going to need to be talks at times at the leader level."
The two leaders also discussed the recent renewal of cross-border humanitarian assistance to Syria in the UN Security Council, according to the White House.
Biden confronted Putin about cyber attacks by Russia-based actors during the Geneva summit. And earlier this week, Psaki said the White House has conveyed to Russian officials that there is a responsibility to respond after recent cyber attacks and that the US stands ready to "take action" if necessary.
The White House indicated earlier this week that top national security officials have been in contact with a "high level" of Russian officials regarding the ransomware attack on software vendor Kaseya.
Earlier, the White House said the Intelligence Community had not yet attributed the attack, but noted the group believed to be responsible, REvil, operates out of Russia.
The Republican National Committee said on Wednesday that its networks were not breached and its data not accessed after an IT provider used by the RNC said it's "conducting a thorough review of a few instances in which outside actors have attempted to gain access."
The contractor, Synnex, declined to say when the attempts happened and to what extent the RNC was targeted. The RNC says that upon hearing that Synnex was breached, it "immediately blocked all access from Synnex accounts."
The New York Times reported that the hackers behind the Synnex attack were from Russia's foreign intelligence service, the SVR, citing investigators in the case. If true, it's the same group of hackers who carried out the massive SolarWinds hack and the attack on the Democratic National Committee in 2015.
™ & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.
The-CNN-Wire™ & © 2018 Cable News Network, Inc., a Time Warner Company. All rights reserved.