Biden-Putin talks look to draw line under infrastructure cyberattacks

(Image credit: Kingston)

At their recent summit, US President Joe Biden reportedly handed his Russian counterpart Vladimir Putin a list of certain critical infrastructure that should be "off-limits" to any kind of cyberattacks, including ransomware.

Various media reports from the summit in Geneva suggested that the two leaders agreed that cybersecurity experts from both countries should hash out particulars of no-go targets.

“Another area we spent a great deal of time on was cyber and cybersecurity. I talked about the proposition that certain critical infrastructure should be off limits to attack — period — by cyber or any other means,” said President Biden in his post-summit press conference.  

President Putin's response to the american proposal wasn't immediately clear. While he did bring up the topic of cyberattacks in the Russian press conference by saying that the two leaders had agreed to "begin consultations" on cybersecurity issues, Reuters claims the Russian leader didn’t refer to America’s proposal, or the handing over of the list.

Defining limits

Speaking to the media, President Biden didn’t list the exact areas that the leaders agreed to keep out of bounds, but did mention he handed over a list of 16 specific entities that the US considers as critical infrastructure.

Security experts have in the past raised concerns about the urgent need to update the legacy systems that run many of today’s critical infrastructure. 

Their worst fears were realized last month in the form of a ransomware attack on Colonial Pipeline, which forced the shutdown of one of the major fuel pipelines in the country resulting in a brief fuel-crisis in parts of the country.

In response, the US has taken a number of steps in the form of setting up a ransomware taskforce and treating such cyberattacks with the same priority as a terrorist attack.

Diplomatic pressure

In addition to shaping domestic policies, security experts called on their leaders to exert diplomatic pressure on Russia, since a majority of the ransomware operators and cybercriminals are thought to operate out of Russia or one of the other former Soviet states

Experts suggest Russia turns a blind eye to their activities as long as they don’t target victims within its borders. However, ZDNet reports that in a joint statement, leaders from the G7 countries have asked Russia to rein in the threat actors operating within its jurisdiction.

In light of the developments, the US-Russia summit was supposed to lead to some concrete actions. Experts remain skeptical that handing-over of a list of off-limit infrastructure would bring about any change.

"There's no indication at all that he [Putin] actually went along with it," Keir Giles, a Russia expert with the London-based Chatham House think tank told Reuters, adding that he felt there was nothing in President Putin’s public comments to suggest a change in the status-quo.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.