Politicians have to play to a constituency and this is just another example of the constituency demanding a us/them perspective. It might sound convincing but it does nothing to fix the problem.
Kaspersky -- the individual, not the company -- was recently quoted talking about global malware threats and how each country or region tends to specialize in particular types of scams. There's nothing new about particular types of attacks, the recent Colonial Pipeline attack was the result of a phish that shut down the company's business systems (not the actual pipeline as many might have been led to believe) and JBS probably got caught by the same technique. The fact these attacks work isn't the machinations of some dastardly state actor so much as a combination of flawed computer systems and a lack of effective law enforcement. We all know who the real culprits are but somehow we're reluctant to inconvenience our business models to make them ineffective or just plain shut them down.
One example of ineffectual enforcement is the Indian boiler room scams. The phone scams just go on and on, they've got so ridiculous that their puerps are identified and lampooned on youTube but nothing is done to shut them down at the diplomatic or international law enforcement level. Banks transfer funds in a flash but are completely unable to slow unusual or suspicious transactions (but we'll keep on top of the transactions just to make sure Iran or some other bete noir isn't involved). Its a mess, and the proof of our impotence is the way we try to make PR capital out of what should be a straightforward law enforcement task.