Russian ransomware gang threatens countries that punish Moscow for Ukraine invasion

A Russian ransomware gang on Friday threatened to hack the critical infrastructure of any nation or organization that retaliates against Moscow for its invasion of Ukraine, according to a statement shared by cybersecurity researchers.

The statement, attributed to the operators of the Conti gang, pledged “full support of [the] Russian government” and vowed to use “all possible resources to strike back at the critical [infrastructure] of an enemy” that launches “a cyberattack or any war activities against Russia.”

The group is best known for devastating Ireland’s health system in May 2021, an attack whose real-world effects persisted for months.

POLITICO has been unable to independently verify the authenticity of the message, but researchers who track Conti and other ransomware groups consider it to be legitimate.

Why it matters: Conti’s threat comes one day after NBC News reported that President Joe Biden had reviewed options for launching massive cyberattacks on Russia to hamper the invasion, from shutting off parts of the country’s power grid to tampering with the railroads ferrying troops to Ukraine. The White House quickly shot down the story, calling it “wildly off base.”

Security experts have warned that any cyberattacks on Russia could prompt digital retaliation by either Moscow or sympathetic criminal hackers.

On Thursday, Biden told reporters that the U.S. was “prepared to respond” to cyberattacks on U.S. businesses or infrastructure.

A valid target: Conti’s declaration could carry legal consequences if military lawyers conclude that the group is essentially an arm of the Russian government. Such a conclusion could affect the kinds of operations the U.S. launches against it and the agencies involved in conducting those attacks.

A formidable enemy: If Conti decides to escalate its attacks on Western countries, it will have plenty of options to choose from. “Conti’s access is extensive,” security researcher Kevin Beaumont tweeted. “They have more access than available staff to ‘pentest’ and wipe.”