Cyber Command boss acknowledges US military actions against ransomware groups

President Joe Biden is scheduled to hold a video call with Russian President Vladimir Putin on Tuesday to discuss cybersecurity and a range of other issues.
Cyber Command Commander, National Security Agency Director and Central Security Service Chief General, Paul Nakasone. (Photo by Andrew Harnik / POOL / AFP) (Photo by ANDREW HARNIK/POOL/AFP via Getty Images)

The U.S. military has taken offensive measures against ransomware groups, U.S. Cyber Command leader Gen. Paul Nakasone confirmed Saturday.

“Before, during and since, with a number of elements of our government, we have taken actions and we have imposed costs,” Nakasone told The New York Times in an interview. “That’s an important piece that we should always be mindful of.”

CNN confirmed the offensive cyber-operations to disrupt foreign ransomware groups with a military spokesperson.

U.S. Cyber Command, the military’s top hacking unit, has reportedly been going after criminal groups dating back to before the 2020 election, when it attempted to knock out TrickBot, a network of infected computers used to deliver malware. More recently, the command had role in shutting down ransomware group REvil’s operations, working with foreign governments to redirect traffic from the group’s website, The Washington Post first reported in November.


Both the spokesperson and Nakasone declined to comment on specific operations.

The Biden administration has made taking on ransomware groups a top priority of its cybersecurity agenda after a series of attacks on U.S. critical infrastructure, including the disruption of major fuel provider Colonial Pipeline in May and July attack by REvil on IT firm Kaseya.

The growing number of ransomware attacks against critical U.S. targets has also become a key point of diplomatic tension with Russia, which is believed to harbor many ransomware actors.

“When I met with President Putin in June, I made clear that the United States would take action to hold cybercriminals accountable,” President Joe Biden said in a statement following the REvil takedown. “That’s what we have done today. We are bringing the full strength of the federal government to disrupt malicious cyber activity.”

Biden is scheduled to hold a video call with Russian President Vladimir Putin on Tuesday to discuss cybersecurity and a range of other issues.

Tonya Riley

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.

Latest Podcasts