Rep. Jim Langevin, Rhode Island Democrat, is calling on President Biden to implement new sanctions on Russia over the spate of ransomware attacks afflicting the U.S.
Mr. Langevin, chairman of the House Armed Services’ subcommittee on cyber, said he wants the federal government to take tailored action against Moscow without risking a move that would destabilize Russia completely.
“We need to apply sanctions. This may seem uninspired considering that the Biden administration imposed sanctions on Russian entities three months ago in response to SolarWinds, however, I think we need to change who we target with sanctions and how we target them,” Mr. Langevin said in remarks to the Council on Foreign Relations on Monday.
Recently implemented sanctions against Russia over the SolarWinds hacks of federal computer networks will not cause “acute pain” because the sanctioned entities have no meaningful relationship with Western financial institutions, according to Mr. Langevin.
The Democratic lawmaker argued that exposing Russian President Vladimir Putin and his inner circle would be understood as a call for regime change in Russia, so a less risky approach is needed now.
“We are clearly within our rights to take action against Russia and Russian entities if Russia continues to turn a blind eye to the criminals within its borders,” Mr. Langevin said. “It is impossible to argue that Putin and his cronies are trying to crack down on cyber crime and being hoodwinked by the sophisticated criminals. In fact, it’s just the opposite — when a criminal group dares to target Russian-speakers or Russian nationals, the punishment from Moscow is quick.”
If the United States exposed the full picture of Mr. Putin and Russian oligarchs’ alleged corruption, embezzlement and fraud, Mr. Langevin said, such action would open Pandora’s box that would destabilize Russia and provoke Mr. Putin to respond in kind.
“If we target the criminals, we’ll take them down for a few weeks. Then they will reconstitute and continue their lucrative ransomware operations. If we target the Russian state, then we’ve traded jabs, but we haven’t really changed Putin’s decision-making calculus,” Mr. Langevin said. “In both cases, we win short-term victories but have not changed the long-term environment. In fact, responding in cyberspace will be counter to our ultimate goal of promoting a domain that is regulated by strong norms and a well-understood standard of behavior. Trading shots in cyberspace perpetuates the idea that the domain is the Wild West and directly undermines our goal of stability.”
Mr. Biden drew a “red line” on cyberattacks at a June 16 event with Mr. Putin in Geneva and spoke with the Russian president by phone on Friday to again urge him to take action to stop the onslaught of ransomware attacks.
As pressure mounts on Mr. Biden to take more aggressive action, his selections to lead U.S. cybersecurity policy are getting closer to taking office. On Monday, the Senate confirmed Jen Easterly’s nomination to the Cybersecurity and Infrastructure Security Agency by a voice vote, and John C. Inglis was formally sworn in as the first national cyber director.