Top cyber official reports ‘decrease’ in Russian cyberattacks against US groups

White House National Cyber Director Chris Inglis testified on Capitol Hill Wednesday that there had been a “decrease” in the number of cyberattacks against U.S. companies traced back to Russia, but stressed that the reason was not clear.

“We have seen a discernible decrease. It’s too soon to tell whether that is because of the material efforts undertaken by the Russians or the Russian leadership,” Inglis said during a House Homeland Security Committee hearing. “It may well be that the transgressors in this space have simply lain low in understanding that this is for the moment a very hot time for them, and we need to ensure that that continues to be the case.”

Inglis, the nation’s first national cyber director, said that while this is encouraging progress, more work is needed to help cut down on malicious Russian-linked attacks. 

“I think in the longer term, we will be able to measure in a qualitative and a quantitative fashion what the diminishment of those efforts are,” Inglis testified. “For the moment, I think it’s too soon to tell, we therefore need to ensure that our strategy is solidified and brought to bear.”

The testimony came after multiple Russian-linked attacks this year, leading to a further chilling of Washington-Moscow relations. 

These included ransomware attacks by Russian-based cybercriminal groups on Colonial Pipeline and meat producer JBS USA in May and on IT group Kaseya in July. 

The Biden administration levied sanctions on Russia in April in retaliation for the SolarWinds breach, which allowed Russian hackers to compromise nine federal agencies and around 100 private sector groups for most of last year. Microsoft announced last month that the same hackers had spent half of this year attempting to compromise the global IT supply chain.

President Biden brought up cybersecurity concerns with Russian President Vladimir Putin in June during their in-person summit in Geneva, urging him to take action against cybercriminals harbored within Russia’s borders. He also gave him a list of critical U.S. entities that he considered off-limits to attack.

Inglis’s comments mirrored those of other top cyber officials in recent months. 

Anne Neuberger, the deputy national security adviser for Cyber and Emerging Technology, told reporters at the White House in September that “discussions with the Russians continue,” and stressed that Biden is “looking for action with regard to addressing cyber activity.”

FBI Deputy Director Paul Abbate was more pessimistic earlier this year. 

“Based on what we’ve seen, I would say there is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment that they have created there,” Abbate said during a panel at the Intelligence and National Security Summit in September.