Dedicated to the memory of John J. Foarde III, a diplomat devoted to his country, a longtime observer of China and shrewd geopolitical analyst, a caring mentor, and a true gentleman.

This is part 4b of Natto Thoughts’ “Ransom-War” series.1 The series argues that Russian ransomware actors are not solely financially motivated; rather, whether they like it or not, they are immersed in a geopolitical context and mindset of confrontation with the “collective West”; in at least some cases the targeting and timing of their attacks align with Russian strategic interests, suggesting some degree of state inspiration or even coordination. 

Part 4b, the present section, argues that sometimes-puzzling Russian law enforcement patterns in recent years resemble less a desire to crack down on cybercriminals than an effort to use the threat of ransomware as a bargaining chip in pursuit of Russian strategic goals. 

As we saw in Part 4a, on January 14 2022 the Russian Federal Security Service (FSB) announcem…