ASSESSMENTS

What to Make of Russia’s Takedown of the REvil Ransomware Gang

MIN READJan 14, 2022 | 22:15 GMT

Russian President Vladimir Putin chairs a meeting with members of the government via video conference at the Novo-Ogaryovo state residence outside Moscow on Dec. 24, 2021.

Russian President Vladimir Putin chairs a meeting with members of the government via video conference at the Novo-Ogaryovo state residence outside Moscow on Dec. 24, 2021.

(ALEXEY NIKOLSKY/Sputnik/AFP via Getty Images)

Russia’s operation to dismantle the REvil ransomware gang is unlikely to be a start of a broader crackdown on Russian cybercriminals, but will send a message that high-profile disruptive attacks that risk direct U.S. retaliation against Russia are off-limits. This makes it more likely that some groups will prioritize targeting less strategic (but still lucrative) U.S. organizations. Russia’s Federal Security Service (FSB) said in a Jan. 14 press release that it conducted an operation to dismantle and arrest suspected members of REvil at the request of the United States, and that the ransomware gang now ceases to exist. The timing of the FSB’s announcement -- and the emphasis it places on being at the request of the United States – appears designed to showcase that Russia is a cooperative and responsible state actor amid increasing Western accusations of Russian aggression in Ukraine. ...

image of globe

Connected Content

Article Search