U.S. government raising the alarm on ransomware
The Biden administration is ramping up efforts to combat ransomware, as hackers find new ways to exploit the vulnerabilities of corporations and governments for big payoffs by threatening to disrupt critical infrastructure.
The head of the FBI even likened the scale and stakes of the threat to those that emerged after the Sept. 11 terrorist attacks, emphasizing the necessity for coordinated action to combat it.
The agency is investigating about 100 types of ransomware, including many that trace back to Russian actors, FBI Director Christopher Wray told the Wall Street Journal in an interview published Friday, and each of those software variants — which can debilitate companies or key components of the nation’s supply chain — has targeted multiple victims throughout the U.S.
“There are a lot of parallels, there’s a lot of importance, and a lot of focus by us on disruption and prevention,” Wray said. “There’s a shared responsibility, not just across government agencies but across the private sector and even the average American.”
Headline-grabbing cyberattacks have shifted from massive data breaches meant to embarrass and expose private information, to a coordinated extortion business. Last month, a ransomware attack on Colonial Pipeline disrupted the East Coast’s fuel infrastructure and triggered panic buying and shortages. This week, the world’s largest meat processor was forced to suspend operations in the U.S., Australia and Canada after it was hacked, sparking worries of beef and pork shortages and escalating prices.
The attacks have kicked the government’s cybersecurity efforts into overdrive.
A task force of dozens of experts from industry, government and academia called on the government and private industry to take aggressive action to combat ransomware in a wide-ranging April report, and leaders are encouraged by the early signs of actions this month.
“This is exactly the signal that needs to be sent to the ransomware criminals,” said Philip Reiner, executive director of the Ransomware Task Force and CEO of the Institute for Security and Technology. “The status quo is over. We’re not going to approach this in the same way anymore.”
On Thursday, a top White House cybersecurity official called on businesses to adapt quickly and implement security measures to defend against ransomware attacks, mirroring efforts by the federal government to secure its own systems.
“The private sector also has a critical responsibility to protect against these threats,” Anne Neuberger, the deputy national security adviser for cyber and emerging technology, wrote in the letter. “All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location.”
Neuberger urged companies to make sure their corporate and business functions are largely separate from their production operations, and to test their incident response plans.
On Friday, White House press secretary Jen Psaki said President Joe Biden intends to raise the issue of cybersecurity when he meets with Russian President Vladimir Putin at a summit in Geneva later this month.
“Of course, there is the SolarWinds hack, but also the ransomware hacks,” she said. “As we’ve talked about, the actions of criminal groups, within a country, there is a responsibility of the leaders of that country to take action. And there is no doubt President Biden will be raising that directly in that conversation.”
During his interview, Wray singled out Russia as a safe haven for hackers who deploy ransomware attacks, noting that a “huge portion” of incidents trace back to actors in Russia.
Kremlin spokesman Dmitry Peskov told the state RIA news agency that Wray’s comments appeared to be “emotionally charged,” adding that hackers exist in every country in the world. Russia has previously denied that state-sponsored hackers launched cyberespionage campaigns against U.S. institutions.
“I have heard about some meat processing company, it’s nonsense, we understand it’s just laughable. A pipeline? It’s nonsense, too,” Putin told state television Friday.
“It’s just laughable. But apparently, thank God, there are reasonable people who ask this question, and they ask these questions of those who are trying to provoke some new conflicts before our meeting with Biden,” Putin said in an interview with Channel One.
“Let’s see what the result of that will be. I can’t comment any more substantively than I have done,” Putin said.
Biden has already launched a “rapid strategic review” to address the dangers of ransomware, including the creation of a global coalition to hold countries who harbor ransomware criminals accountable. The initiative builds on an executive order Biden signed last month to protect the federal government against cyberattacks — an effort that the administration would like to see extend to the private sector.
Still, Reiner and other experts note: This is just a beginning. To put a stop to large-scale ransomware attacks, private companies must invest in significant cybersecurity technology, governments must set standards and criminal groups must be investigated.