The US government has “shared information with Russia regarding criminal ransomware activity being conducted from its territory,” said the official, who spoke on the condition of anonymity under ground rules that the White House set for the call.
“We’ve seen some steps by the Russian government and are looking to see follow-up actions,” said the official, who declined to say what those steps and actions were.
A spokesperson for the Russian Embassy in Washington did not respond to a request for comment.
The disruptions have placed cybersecurity, and ransomware in particular, high on the list of national security priorities for the White House.
Senior government officials from the US and 30 allied countries will meet virtually Wednesday and Thursday to forge closer cooperation in the fight against ransomware, which has knocked computers offline at health care centers in multiple countries during the coronavirus pandemic.
Australia, France, Germany and the United Kingdom are among the countries that will be represented at the meetings, according to the White House. The discussions will focus on efforts to prosecute and disrupt ransomware groups and on dealing with the role of cryptocurrency in funding ransomware attacks, among other issues.
Russia will be conspicuously absent from the meetings as the White House tries to make progress in bilateral talks with Moscow.
Since the Biden-Putin meeting, US officials have watched closely for changes in behavior from the Russian government and for any change in the pace of cybercriminal operations emanating from Russia.
A spokesperson for Recorded Future, another cybersecurity firm, told CNN that the firm has been tracking a “Russian-based ransomware group that currently has over 100 members” and is “actively recruiting new cybercriminals.”
Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency, said last week that she had not seen “significant, material changes” in Russian behavior since the tete-a-tete between Biden and Putin.
Cybersecurity analysts say one of the most effective ways to combat ransomware is to arrest the people who develop and deploy the computer-locking software. While Russian cooperation has been elusive, the US has leaned heavily on allies in Europe in raids against some criminal groups.
Timo Koster, a former Dutch diplomat focused on cybersecurity, said he expects countries like the US and the Netherlands to encourage other governments to take more assertive actions against cybercriminal groups.
“More international cooperation is needed” in coordinating how countries attribute cyberattacks to specific actors and on responses from law enforcement and security agencies, Koster told CNN.