By Katie Bo Lillis and Sean Lyngaas, CNN
US Cyber Command head and director of the National Security Agency Gen. Paul Nakasone said Wednesday that the US had “conducted a surge” over the past three months to address the problem of ransomware attacks on US interests.
Nakasone said the US government had taken aim at sources of funding for ransomware operatives, many of whom are based in Russia and Eastern Europe and who have made millions extorting US companies.
“We bring our best people together, the really good thinkers of, how do you get after folks that are doing this?” Nakasone said at the Aspen Security Forum in Washington. “How do you get after the capabilities that they’re producing, how do you get after the flow of money?”
After a spate of ransomware attacks on key US companies, President Joe Biden in June exhorted Russian President Vladimir Putin to crack down on ransomware gangs operating from Russian soil.
While it’s unclear to what extent the Russian government has done that, US law enforcement officials have racked up notable arrests of Russian cybercriminals in recent months. A Russian man accused of being part of cybercrime ring that infected millions of computers worldwide was extradited from South Korea to the US last month.
And US officials have expressed a willingness to use offensive cyber operations to try to disrupt the criminal networks.
Nakasone declined to comment on a Washington Post report that a pair of operations by Cyber Command and a foreign government hacked into a major ransomware group’s servers leading the group to shut down.
The Russian-speaking ransomware group, REvil, was behind the summer ransom of the world’s largest meat processor, JBS, an attack that temporarily stalled operations at nine beef processing plants in the United States.
“While I won’t comment on specific operations, I will say that we’ve made a lot of progress,” Nakasone said. “I’m pleased with the progress we’ve made and we’ve got a lot more to do.”