Ransomware’s suspected Russian roots point to a long detente between the Kremlin and hackers

Washington Post logo

MOSCOW — The ransomware hackers suspected of targeting Colonial Pipeline and other businesses around the world have a strict set of rules.

First and foremost: Don’t target Russia or friendly states. It’s even hard-wired into the malware, including coding to prevent hacks on Moscow’s ally Syria, according to cybersecurity experts who have analyzed the malware’s digital fingerprints.

They say the reasons appear clear. Continue reading.