It has always been this way and will continue to be. Russia along with North Korea consider ransomware to be legitimate economic activity. It's part of their hybrid warfare strategy.
Well yeah, because that's not what the person they were replying to was asking about. They were asking a "when" question of sorts, tangential to the root topic, not a why.
I don't think this is done on purpose at the state level in Russia or China. It's just that sometimes governments don't pay attention to those who do it if this is done in relation to somehow unfriendly countries. But the US also uses hacking for hostile purposes. For example, Stuxnet and some other cases. Yes, it's not ransomware, but the difference is not that huge. Western-backed countries like Ukraine are also doing the same. Anyway, just use Linux and you'll be fine for a while.
Foreigners won't go to Russia to file a complaint to police. Without a complaint, there is no reason to investigate anything. I think this is the explanation.
Also it is 100x more difficult to make a Russian pay for something, including a ransom. So attacking a fellow Russian is a high-risk, low-return move.
In the past US LE has tried to work with Russia to arrest ransomware groups but it didn't work out. Russia demands extradition of political prisoners or some such in exchange so it falls through.
When Russia arrests a hacker they're turned over to the GRU and told who to target. Western governments use hacking for intelligence gathering not economic warfare. The ochko123 fraudster was very connected with the Russian government, it's state policy.
Yes, absolutely. This is mostly a legal/enforcement decision. If you avoid Russian authorities, they avoid you. Also Russia is nowhere near as fertile ground as the US. There are plenty of low paid entry level office workers in the US who will gladly update their AP payment information for business email compromise (BEC). $2.77 billion lost to BEC in 2024, the most lucrative category. Total losses in the US were $16 billion from 859,532 complaints.
In one investigation I worked, a threat actor in China socially engineered their way into getting an employee account in a US company created for them. They were so persuasive they also got their account inserted into the approval process as a manager for creating other new employee accounts (at a specific location) in the identity workflow. They did this only for the purpose of siphoning discounts that are available to employees, and they resold those, which resulted in about one million dollars in losses over a period of a couple of years.