White House urges businesses to take ransomware crime seriously

Image: Tabrez Syed

The White House has urged business leaders and corporate executives to take ransomware attacks seriously in a letter issued by Anne Neuberger, the National Security Council's chief cybersecurity adviser.

"The most important takeaway from the recent spate of ransomware attacks on U.S., Irish, German and other organizations around the world is that companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively," Neuberger said.

The letter comes after a significant increase in the numbers and severity of ransomware attacks targeting the public and private sectors.

While disrupting and stopping the threat actors coordinating these attacks is one of the top priorities for President Biden, Neuberger also urges businesses to take this threat just as seriously and ensure their "corporate cyber defense match the threat."

"To understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations," Neuberger added.

Neuberger also highlights best practices to help defend against ransomware attacks:

  • Implement the five best practices from the President's Executive Order
  • Backup your data, system images, and configurations, regularly test them, and keep the backups offline
  • Update and patch systems promptly
  • Test your incident response plan
  • Check your security team's work using a third party pen tester 
  • Segment your networks

The White House issued this letter after several ransomware incidents impacted US companies in the last 30 days, all of them orchestrated by cybercriminals groups believed to be Russian-based.

An attack coordinated by the DarkSide ransomware gang forced Colonial Pipeline to shut down the largest pipeline in the US and pay a $5 million ransom in early May.

On May 31, the world's largest meat processor JBS was also forced to shut down production after REvil ransomware operators breached and encrypted some of its North American and Australian IT system.

Press Secretary Jen Psaki said in a press briefing that President Biden would be discussing these recent attacks with Russian President Vladimir Putin at the June 16 Geneva summit.

"The U.S. Government is working with countries around the world to hold ransomware actors and the countries who harbor them accountable, but we cannot fight the threat posed by ransomware alone," Neuberger concluded.

"The private sector has a distinct and key responsibility. The federal government stands ready to help you implement these best practices."

Related Articles:

Ransomware gang claims they stole 6TB of Change Healthcare data

FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

UnitedHealth subsidiary Optum hack linked to BlackCat ransomware

White House urges devs to switch to memory-safe programming languages

US offers $15 million bounty for info on LockBit ransomware gang