Another example stirs the question of, “When Does the ‘Tough on Russia’ Part of Biden’s Presidency Start?”
The U.S. released a high-profile Russian cybercriminal from its custody this week, at least a year before his prison sentence was expected to finish, handing him over to Russian authorities despite long resisting Moscow’s efforts to retrieve him.
Current and former officials said they were surprised by Mr. Burkov’s release by U.S. authorities, especially given how aggressively the Justice Department had sought his extradition from Israel. Senior Justice Department officials have said that Russia relies on bad-faith requests to extradite its citizens arrested abroad on hacking charges and then either releases them or prosecutes them with light sentences.
…Mr. Burkov was widely seen as a valuable asset to Moscow, according to U.S. and Israeli officials. Many Russian hackers have ties either to the Kremlin or to Russian oligarchs and can be forced into working for an intelligence service if they are brought home to Russia, which was likely a factor in Russia’s interest Mr. Burkov, former officials have said. Mr. Burkov also was believed to possess detailed knowledge of the Russian cybercriminal world that would be valuable both to U.S. and Russian authorities, former officials said.
Hey, remember when President Biden promised to get tough with Russian hackers? Remember when Biden boasted, “I made it very clear to [Vladimir Putin] that — that the United States expects, when a ransomware operation is coming from his soil, even though it’s not — not sponsored by the state, we expect them to act if we give them enough information to act on who that is”?
When the U.S. has a Russian cybercriminal with time left on his sentence, and chooses to ship him back to the Russian government, does that qualify as getting tough? Or is this a concession that is part of some sort of behind-the-scenes deal between the administration and the Russian government?
The Wall Street Journal notes that FBI deputy director Paul Abbate said at an intelligence conference earlier this month, “there is no indication that the Russian government has taken action to crack down on ransomware actors that are operating in the permissive environment they have created there.”