The last few months have seen a sharp rise in cyberattacks, often disrupting products and services that are key to our everyday lives. Many of those attacks have used ransomware, a set of tools that lets hackers gain access to computer systems and disrupt or lock them until they get paid.
Ransomware is not new. But there is a growing trend of hackers targeting critical infrastructure and physical business operations, which makes the attacks more lucrative for bad actors and more devastating for victims.
Many people think of cyberattacks as just that: an attempt by hackers to steal sensitive data or money online. But now hackers have found a significant moneymaker in targeting physical infrastructure.
The White House has sent a rare open letter to companies calling on them to treat the threat of ransomware attacks with greater urgency.
In a memo sent on May 27th , the National Security Council’s top cyber official, Anne Neuberger, writes to corporate executives and business leaders that the private sector needs to better understand its critical role.
“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” Neuberger writes. “We urge you to take ransomware crime seriously and ensure your corporate cyber defense match the threat.”
A White House official said Neuberger’s letter was prompted by a spike in ransomware attacks and “a very concerning shift from data theft to disrupting critical services.”
“The most important takeaway from the recent spate of ransomware attacks on US, Irish, German and other organizations around the world is that companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively,” Neuberger said, urging companies to “immediately convene their leadership teams” to assess their risk exposure.
The letter from Neuberger, was also sent out to key companies that regularly engage with the Department of Homeland Security’s agency in charge of safeguarding critical infrastructure, the Cybersecurity and Infrastructure Security Agency.
The White House is encouraging all companies to carry out recommendations it recently laid out in an executive order focused on cybersecurity, including updating systems and segmenting networks to isolate the operational parts of the networks. The Biden administration also said this week it has launched a review of ransomware practices that include pressuring countries, such as Russia, to not harbor ransomware attacks, and to analyze cryptocurrencies use by criminals.
On Wednesday, White House press secretary Jen Psaki said the administration is working closely with the private sector.
She told reporters that the White House is “ensuring that private sector entities have a seat at the table, and we can work in close coordination.”
The White House is also engaging with the Russian government on the matter and “delivering the message that responsible states do not harbor ransomware criminals,” White House deputy press secretary Karine Jean-Pierre said Tuesday.
President Joe Biden will address the increased threat of cyberattacks while meeting with Russian President Vladimir Putin later this month, Psaki said, adding that the administration is not “taking any options off the table” in response to the attack on JBS USA.