Tribune. In July 2021, we analyzed Europe’s weaknesses in the face of cyber attacks and proposed avenues for response. Since then, the strategic context in cyberspace has worsened, mainly to the detriment of the European Union and its members. Essentially, this is due to a strengthening of the United States – Russia duopoly, highlighted in the Ukrainian affair as in the cyber domain: in September, the DarkSide and REvil groups, responsible for major ransomware attacks then scuttled under American pressure and by the Russian authorities, resuscitated (DarkSide becoming BlackMatter) and resumed their attacks.
The American reaction is the implementation of the Biden doctrine, set out after the summit organized with Vladimir Poutin, in June 2021, in Geneva: those responsible for attacks against American critical infrastructures will have to be neutralized by the Russian authorities, or failing that by the capabilities of the United States.
In fact, on October 21, three days after an attack paralyzing a television network, REvil’s various sites were the subject of massive destructive cyberattacks, causing the deep dismay of its executives speaking on the Web. A few hours later, a dispatch from [l’agence de presse britannique] Reuters explains that this technical neutralization was carried out jointly by the US Cyber Command, the FBI and the Secret Service.
The message is heard: the 1er November 2021, BlackMatter, denounced for its ransomware attacks by the US Federal Cybersecurity Agency, announces that it is ceasing all its activities « Under pressure from the authorities », then disappears. The next day, William Burns, director of the CIA, has conversations in Moscow with the secretary of the Russian Security Council and with his counterpart, head of the SVR. He will also have a telephone exchange with Vladimir Putin. The items on the agenda are Ukraine and… cybersecurity. There is no doubt that after the American elimination of the REvil group, the Russian leaders preferred to take the lead in ordering BlackMatter to disappear.
An ecosystem based in Russia
Throughout the fall, General Nakasone, who simultaneously heads the National Security Agency (NSA) and Cyber Command, stepped up public interventions on ransomware. Since the middle of the year 2021, its services consider that such attacks are attacks on national security which legitimizes the use of cyber-offensive means for « Deter and hinder them ». At the same time, Russia, through its think tanks and an article published on September 29, 2021 in Kommersant, welcomes this new cooperation with the United States against cybercrime.
You have 64.04% of this article left to read. The rest is for subscribers only.