OTTAWA — Russian President Vladimir Putin contradicted the evidence Wednesday when he asserted Russians are not a leading source of cyberattacks on the United States and other countries. They are.
A look at his claims in the news conference that followed his summit with U.S. President Joe Biden.
PUTIN: "From American sources, it follows that most of the cyberattacks in the world are carried out from the cyber realm of the United States. Second place is Canada. Then two Latin American countries. Afterward comes Great Britain. Russia is not on the list of countries from where — from the cyber space of which — most of the various cyberattacks are carried out."
THE FACTS: This portrayal defies the record. Putin did not identify the source of the list he cited. But Russian-based digital malfeasance is well established by U.S. and Canadian officials and security researchers alike.
While the U.S., Canada and Britain are capable of cyberespionage, the most damaging cyberattacks on record have come either from state-backed Russian hackers or Russian-speaking ransomware criminals who operate with impunity in Russia and allied nations.
In one such attack, the NotPetya virus did more than US$10 billion in economic damage in 2017, hitting companies including shipping giant Maersk, the pharmaceutical company Merck and food company Mondolez.
In July 2020, Canada, Britain and the United States denounced Russian hackers for trying to steal research on COVID-19 vaccines from organizations in all three countries and around the world.
The joint declaration said the hackers were almost certainly working for Russian intelligence and accused them of disrupting the global efforts to find a vaccine for the novel coronavirus.
Canada's Communications Security Establishment said the malicious cyberactivities were very likely undertaken to pilfer information and intellectual property relating to the development and testing of vaccines.
In its 2020 threat report, the CSE's Cyber Security Centre said the state-sponsored programs of China, Russia, Iran, and North Korea pose the greatest strategic danger to Canada.
The Canadian Internet Registration Authority, a not-for-profit organization best known for managing the .CA internet domain, said Wednesday it wasn't sure what Putin was referencing in his comments.
"But we can say that what he said doesn't match up with what we see in our data."
Canada is often used as a proxy to attack the U.S. but is not the originating country, the authority added.
The cyberattacks that have recently done the most damage are from ransomware sowed and activated by Russian-speaking criminal gangs that enjoy safe harbour in Russia and allied nations and whose members have sometimes colluded with Russian security services.
The global ransomware plague that has caused tens of billions of dollars of damage in the last 18 months — hitting a company, hospital, school or other target about every eight minutes — was a major issue for Biden at the summit.
In addition, Russian intelligence operatives interfered in the 2016 U.S. presidential election by hacking Democratic email accounts and orchestrating the release of those communications to boost the campaign of Republican Donald Trump and harm his Democratic opponent Hillary Clinton.
Russian military hackers also attacked and briefly shut down portions of Ukraine’s power grid in the winters of 2015 and 2016.
Altogether, the cybersecurity firm Recorded Future estimates there were 65,000 successful ransomware attacks globally in 2020 from all sources.
This report by The Canadian Press was first published June 16, 2021.
— With files from The Associated Press
The Canadian Press