Insight
Russia Announces Tougher Laws on Cybercrime
On February 10, 2025, Russia introduced severe penalties for cybercrimes, amending over 30 laws to enhance cybersecurity. Key reforms include longer prison terms, asset confiscation, public trials for major offenders, and improved extradition frameworks.
The initiative allegedly aims to address rising state-linked hacking threats, particularly to critical infrastructure, while expanding monitoring and accountability measures in cybersecurity.
Assessment
The fact that Russia now signals tougher action on cybercrime and is even willing to make it easier to extradite criminals should primarily be seen as a diplomatic gesture to the new adminstration in USA. Russia is offering to clamp down on ransomware in exchange for US concessions on Ukraine. The laws are in themselves relatively meaningless. Russia already has laws that forbids cybercrime, but they are seldom enforced, as long as the cybercriminals don’t attack victims in Russia. The fact that the laws mention asset confiscation can also be an indirect signal to cybercriminals that they should pay the government for the protection they enjoy. If the US and Russian government actually do come to a broader geopolitical agreement that includes a halt to Russian ransomware attacks, it’s possible this will only include ransomware attacks in USA, while Europe may still be considered fair game.
References
[1] https://cybersecuritynews.com/russian-government-combat-cybercrime/