President Biden urged Russian President Vladimir Putin in a phone call Friday to take action to stem recent ransomware attacks from Russia-linked groups.
"I made it very clear to him that the United States expects that when a ransomware operation is coming from his soil, even though it is not sponsored by the state, we expect him to act, if we give him enough information to act on who that is," Mr. Biden said.
The president also said that he and Putin "have set up a means of communication now" so that they can speak "on a regular basis" when "each of us thinks something is happening in another country that affects the home country." The president said he's "optimistic" about his relationship with Putin. But when a reporter asked if there would be consequences for these attacks, Mr. Biden replied, "Yes."
In a readout of the call with Putin, the White House said that Mr. Biden "underscored the need for Russia to take action to disrupt ransomware groups operating in Russia and emphasized that he is committed to continued engagement on the broader threat posed by ransomware."
The Russia-linked REvil gang, best known forin May, last week infected thousands of victims in at least 17 countries, and on Sunday initially as ransom to end the attack. As part of the holiday weekend attack, the U.S.-based software company Kaseya , impacting 1,500 small businesses managed by its customers.
White House press secretary Jen Psaki said that Mr. Biden "made clear" to Putin "that the United States will take any necessary action to defend its people and its critical infrastructure."
"This was an example of leader to leader diplomacy, something the president feels is vital as he operates in the world," Psaki said.
Mr. Biden and Putin met for a summit in Geneva last month, where the president urged Putin to crack down on cyberattacks originating in Russia. The Russian president has repeatedly denied any involvement or direct knowledge of recent attacks.
Mr. Biden told reporters after the summit that Putin "knows there are consequences" and said Russia's credibility "shrinks" when it participates in cyberattacks. He also presented Putin with a list of 16 critical infrastructure entities that should be off-limits to cyberattacks, a list provided by the Cybersecurity and Infrastructure Security Agency (CISA).
Those 16 sectors are: Chemical; commercial facilities; communication; critical manufacturing; dams; defense industrial base; emergency services; energy; financial services; food and agriculture; government facilities; healthcare and public health; information technology; nuclear reactors, materials and waste; transportation systems and water and waste management systems.
Sara Cook contributed to this report.