US officials believe Russia arrested hacker responsible for Colonial Pipeline attack

The US believes that Russia’s domestic intelligence agency has arrested the hacker responsible for the May ransomware attack that forced a major US fuel pipeline to shut down for days, a senior Biden administration official told reporters Friday.

It appears to mark a rare instance of US-Russian cooperation against a major cybercrime group, following direct appeals from President Joe Biden to Russian President Vladimir Putin.

The cyberattack against Colonial Pipeline in May prompted the company to preemptively shut down its fuel distribution operations, leading to widespread shortages at gas stations along the East Coast.

The official spoke to reporters after Russia’s FSB intelligence agency said Friday that, at the behest of US authorities, it had detained multiple people associated with REvil, a type of ransomware that has cost US firms millions of dollars.

The US and Russia do not have an extradition treaty. While Russian authorities said those apprehended would be prosecuted, the extent to which that will happen is unclear.

The FSB said Russian authorities had seized millions of dollars, raided the homes of 14 people and detained an unspecified number of people connected with the so-called REvil ransomware. REvil was used in damaging hacks on a top US meat supplier in May and US software provider Kaseya in July, with the latter infecting up to 1,500 businesses around the world, US officials have previously said.

The FSB’s announcement follows a week of talks among the US, its European allies and Russia that failed to reach a breakthrough over the tens of thousands of troops Russia has amassed near Ukraine’s border.

“In our mind, this is not related to what’s happening with Russia and Ukraine,” the senior administration official said.

But some cybersecurity analysts pointed to the timing of the FSB announcement, which comes as the US has threatened severe sanctions on Russia if it invades Ukraine.

“This is Russian ransomware diplomacy,” Dmitri Alperovitch, a cybersecurity expert who is chairman of the non-profit Silverado Policy Accelerator, told CNN. “It is a signal to the United States: If you don’t enact severe sanctions against us for invasion of Ukraine, we will continue to cooperate with you on ransomware investigations.”

™ & © 2022 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.

There is no custom code to display.

What's happening

Dogwood Arts House & Garden Show

Dogwood Arts House & Garden Show

From the ground to the gutters, the Dogwood Arts House & Garden Show has something for everyone. Our perennial preview of spring provides visitors the chance to shop hundreds of retailers and manufacturers exhibiting products, offering services and advice on interior design, home improvement, gardening, and more.

Covenant Kids Run Feb. 5th

Covenant Kids Run Feb. 5th

The Covenant Kids Run is a program created to encourage our local children to lead healthy and active lifestyles while participating in an exciting, goal oriented, community event.

Knoxville Polar Plunge- Sat. Feb. 19th

Knoxville Polar Plunge- Sat. Feb. 19th

Come and join hundreds of brave individuals on Saturday, February 19th, and support Special Olympics Tennessee athletes by taking a chilly dip into the pool at the West Side Family YMCA. With a minimum of $75 in donations ($50 for students) each plunger receives the official Plunge t-shirt and all bragging rights associated with such a brave endeavor.