WASHINGTON — The White House is urging private companies to take immediate action to boost their ransomware defenses after a number of recent high-profile cyberattacks slowed critical U.S. supply chains, according to a new memo.
"Ransomware attacks have disrupted organizations around the world, from hospitals across Ireland, Germany and France, to pipelines in the United States and banks in the U.K.," Anne Neuberger, the deputy national security adviser for cyber and emerging technology, wrote in a memo to corporate executives and business leaders.
"The threats are serious, and they are increasing. We urge you to take these critical steps to protect your organizations and the American public," she added. "The private sector has a distinct and key responsibility. The federal government stands ready to help you implement these best practices."
The memo comes as JBS, the world's largest beef supplier, was hacked Sunday, forcing the company to take systems offline and stop work in North America and Australia, threatening some of the U.S. meat supply.
Less than a month earlier, a Russian cybercrime gang hacked Colonial Pipeline, a major U.S. fuel supplier, prompting the company to shut down pipeline activity for five days and leading to gas shortages. Colonial Pipeline paid the hackers nearly $5 million in ransom.
In the memo, Neuberger suggested "a small number of highly impactful steps" that she said companies could take immediately to help make "rapid progress on driving down risk."
Neuberger encouraged the private sector to adopt the best practices President Joe Biden laid out in an executive order he signed in May aimed at addressing the country's vulnerability to cyberattacks, such as multifactor authentication and encryption.
Neuberger also urged companies to back up data and keep backups offline so that they are not vulnerable to ransomware variants; to update and patch systems regularly; to build and test an incident response plan so that businesses can sustain operations in the event of an attack; and to segment networks so that corporate business functions are separated from manufacturing and production operations.
"Much as our homes have locks and alarm systems and our office buildings have guards and security to meet the threat of theft, we urge you to take ransomware crime seriously and ensure your corporate cyber defenses match the threat," Neuberger wrote.
Deputy Attorney General Lisa Monaco also released a memo Thursday outlining new guidelines related to reporting ransomware investigations.
"To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national an economic security threats we face, we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks the allow these threats to persist," Monaco wrote.
White House press secretary Jen Psaki Thursday called ransomware a "global problem" and said Biden would discuss the topic with world leaders later this month when he attends a Group of Seven summit and a NATO summit in Europe.
Psaki said Biden would also bring up the recent hacks with Russian President Vladimir Putin during their in-person meeting in Geneva on June 16.
"The president's message will be that responsible states do not harbor ransomware criminals and responsible countries must take decisive action against these ransomware networks," Psaki said. "That will be a part of the discussion when he sees him in less than two weeks."
Psaki said that the administration continues to advise private companies against paying ransoms because it incentivizes attacks.
Rep. Adam Schiff, D-Calif., chair of the House Intelligence Committee, said in an interview with MSNBC Thursday that the U.S. needed to continue to do more to protect against cyberattacks.
"We need both to harden our private defenses in corporate America, we need to harden our government defenses which are still not good enough," he said. "But we also, I think, need to be more on the offense, disrupting, using our cyber capabilities to disrupt and take away some of the profitability from these groups."
