Biden to discuss Russian ransomware hackers with Putin and suggests Moscow bears ‘some responsibility’

Sign up for the daily Inside Washington email for exclusive US coverage and analysis sent to your inbox

Get our free Inside Washington email

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

President Joe Biden has announced he will be speaking to Russian President Vladimir Putin about the Colonial Pipeline cyberattack, given the hackers responsible were a Russia-based ransomware group.

“I’m going to be meeting with President Putin,” Mr Biden said. “So far there’s no evidence from our intelligence people that Russia is involved. Although, there is evidence the actor’s ransomware is in Russia.”

A date and location have yet to be announced for the meeting between Mr Biden and the Russian president. But previously Mr Biden said it was his “hope and expectation” to meet with Mr Putin in June during his trip to the United Kingdom and Belgium for Nato and the G7.

Although there was “no evidence” that the Russian government was involved in the cyberattack on Colonial Pipeline’s operator system, there was an expectation from the Biden administration for Russia to respond.

“They (Moscow) have some responsibility to deal with this,” Mr Biden said. 

DarkSide has been named as being responsible for the attack.

“The FBI confirms that the DarkSide ransomware is responsible for the compromise to the Colonial Pipeline networks. We continue to work with the company and our government partners on the investigation,” the FBI said in a statement released on Monday.

DarkSide, a Russia-based ransomware group, was among several criminal gangs responsible for costing Western nations tens of billions of dollars in the last three years.

The group claims to only target large corporations that are not related to medical, educational, or government entities. A portion of the money earned by the group during these ransomware attacks is then donated to charities, DarkSide claims.

Georgia-based Colonial Pipeline, which spans about 5,500 miles along the East Coast, transporting more than 100 million gallons of gasoline and oil a day, first reported the cyberattack to its network on Friday. This attack forced the company to completely shut down its pipeline, causing concern about the potential impact on gasoline prices and supply for southern states.

On Monday, the company released a statement to update the public on the status of restoring full service to the system. 

“Segments of our pipeline are being brought back online in a stepwise fashion, in compliance with relevant federal regulations and in close consultation with the Department of Energy, which is leading and coordinating the Federal Government’s response,” the company said. 

The company’s operations team is “executing a plan that involves an incremental process that will facilitate a return to service in a phased approach” with “the goal of substantially restoring operational service by the end of the week,” according to the statement.

If the company can restore portions of its pipeline by Wednesday, then the United States would likely experience little to no long-term impact of the ransomware attack.

But if the shutdown continues, southern states will be the first to experience higher gasoline prices, given the region relies most heavily on the pipeline system’s supply.