Russia’s operation to dismantle the REvil ransomware gang is unlikely to be a start of a broader crackdown on Russian cybercriminals, but will send a message that high-profile disruptive attacks that risk direct U.S. retaliation against Russia are off-limits. This makes it more likely that some groups will prioritize targeting less strategic (but still lucrative) U.S. organizations. Russia’s Federal Security Service (FSB) said in a Jan. 14 press release that it conducted an operation to dismantle and arrest suspected members of REvil at the request of the United States, and that the ransomware gang now ceases to exist. The timing of the FSB’s announcement -- and the emphasis it places on being at the request of the United States – appears designed to showcase that Russia is a cooperative and responsible state actor amid increasing Western accusations of Russian aggression in Ukraine. ...