In an open letter, the White House this week urged corporate executives and business leaders to take the appropriate measures to protect their organizations against ransomware attacks, only days after meat-packaging giant JBS fell victim to such an attack.
The memo, signed by Anne Neuberger, deputy national security advisor for cyber and emerging technology, mentions the recent increase in the number of ransomware incidents, as well as the Biden administration’s response to such attacks targeting government and private sector organizations.
In response to a series of cyberattacks that affected U.S. critical infrastructure both directly and indirectly – including the SolarWinds incident and the Colonial Pipeline attack – President Joe Biden signed an executive order on improving the cyber-defenses of “vital institutions.”
Furthermore, the White House announced sanctions against multiple Russian individuals and companies, and revealed plans to step up its game on fighting ransomware.
“These efforts include disrupting ransomware networks, working with international partners to hold countries that harbor ransomware actors accountable, developing cohesive and consistent policies towards ransom payments and enabling rapid tracing and interdiction of virtual currency proceeds,” Neuberger notes in this week’s memo.
In the letter, Neuberger also underlines that private businesses too have “a critical responsibility to protect against these threats,” listing a series of steps that all organizations can take to improve their resilience against ransomware and other cyber-threats.
These include implementing multi-factor authentication, detection and response, and encryption, keeping data backed up, keeping systems and applications up to date, employing a skilled security team and auditing their work, and implementing network segmentation.
“Ransomware attacks have disrupted organizations around the world, from hospitals across Ireland, Germany and France, to pipelines in the United States and banks in the U.K. The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public,” Neuberger continues.
The suggested steps, however, are not new. In fact, they represent common sense when it comes to building an organization’s security and are likely already implemented by most organizations out there. Threat actors, however, relentlessly search for possible weaknesses in defenses and attempt to exploit even the smallest gap they find.
“From what we have observed, ransomware attacks usually start with either tricking an employee into executing a malicious payload, or by exploiting internet-exposed systems. To protect against cyber-attacks it is critical that you train employees against social engineering attacks,” Felipe Duarte, security researcher at Appgate, said in an emailed comment. The adoption of a Zero Trust approach can also help organizations strengthen their security posture, he says.
According to Kunal Anand, chief technology officer at Imperva, in addition to providing guidelines, the federal government should do more to help enterprises and small businesses in the U.S. protect themselves from ransomware and other cyberattacks.
“Instead of focusing on defensive and reactive measures, the Biden administration needs to take a more effective position – aimed at providing tactical support and resources. The U.S. government should be looking at setting up departments that can help the private sector, or an Emergency Cybersecurity Center for broadcasting threats and attacks to everyone,” Anand said.
“At a time when the nation is under siege by ransomware attacks that are disrupting daily life, the U.S. Government needs to ask industry leaders to donate their time – whether it’s helping provide recommendations, setting up resource groups, etc. This should be seen as a patriotic duty,” he added.