The Biden administration is ramping up efforts to combat ransomware, as hackers find new ways to exploit the vulnerabilities of corporations and governments for big payoffs by threatening to disrupt critical infrastructure.
The head of the FBI even likened the scale and stakes of the threat to those that emerged after the Sept. 11, 2001, terrorist attacks, emphasizing the necessity for coordinated action to combat it.
The agency is investigating about 100 types of ransomware, including many that trace back to Russian actors, FBI Director Christopher Wray told the Wall Street Journal in an interview published Friday, and each of those software variants — which can debilitate companies or key components of the nation’s supply chain — have targeted multiple victims throughout the U.S.
“There are a lot of parallels, there’s a lot of importance and a lot of focus by us on disruption and prevention,” Wray said. “There’s a shared responsibility, not just across government agencies but across the private sector and even the average American.”
Headline-grabbing cyberattacks have shifted from huge data breaches meant to embarrass and expose private information to a coordinated extortion business. Last month, a ransomware attack on Colonial Pipeline disrupted the East Coast’s fuel infrastructure and triggered panic buying and shortages. This week, the world’s largest meat processor was forced to suspend operations in the U.S., Australia and Canada after it was hacked, sparking worries of beef and pork shortages and escalating prices.
The attacks have kicked the government’s cybersecurity efforts into overdrive.
A task force of dozens of experts from industry, government and academia called on the government and private industry to take aggressive action to combat ransomware in a wide-ranging April report, and leaders are encouraged by the early signs of actions this month.
“This is exactly the signal that needs to be sent to the ransomware criminals,” said Philip Reiner, executive director of the Ransomware Task Force and CEO of the Institute for Security and Technology. “The status quo is over. We’re not going to approach this in the same way anymore.”
On Thursday, a top White House cybersecurity official called on businesses to adapt quickly and implement security measures to defend against ransomware attacks, mirroring efforts by the federal government to secure its own systems.
“The private sector also has a critical responsibility to protect against these threats,” Anne Neuberger, deputy national security adviser for cyber and emerging technology, wrote in the letter. “All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location.”
Neuberger urged companies to make sure their corporate and business functions are largely separate from their production operations, and to test their incident response plans.
On Friday, White House press secretary Jen Psaki said President Joe Biden intends to raise the issue of cybersecurity when he meets with Russian President Vladimir Putin at a summit in Geneva later this month.
“Of course, there is the SolarWinds hack, but also the ransomware hacks,” she said. “As we’ve talked about, the actions of criminal groups, within a country, there is a responsibility of the leaders of that country to take action. And there is no doubt President Biden will be raising that directly in that conversation.”
Wray singled out Russia as a safe haven for hackers who deploy ransomware attacks, noting that a “huge portion” of incidents trace back to actors in Russia.
Kremlin spokesman Dmitry Peskov told the state RIA news agency that Wray’s comments appeared to be “emotionally charged,” adding that hackers exist in every country in the world. Russia has previously denied that state-sponsored hackers launched cyberespionage campaigns against U.S. institutions.
“I have heard about some meat processing company, it’s nonsense, we understand it’s just laughable. A pipeline? It’s nonsense, too,” Putin told state television Friday.