White House ransomware memo urges businesses to harden cyber defenses
White House official warns 'the number and size of ransomware incidents have increased significantly'
The White House is urging the private sector to take ransomware crime seriously by ensuring corporate cyber defenses match the threat, while warning that "no company is safe" from being targeted.
White House deputy national security adviser for cyber and emerging technology Anne Neuberger on Thursday penned a memo to corporate executives and business leaders, outlining how companies can protect themselves against ransomware attacks.
Neuberger warned that ransomware threats are "serious" and are "increasing."
The memo comes after the latest ransomware assault this week shut down the U.S.-based meat plants of the world’s largest meatpacker, Brazil-based JBS. The White House said the hack was likely carried out by a criminal group based in Russia.
"The number and size of ransomware incidents have increased significantly, and strengthening our nation’s resilience from cyberattacks – both private and public sector – is a top priority of the president’s," Neuberger wrote Thursday.
"Under President Biden’s leadership, the federal government is stepping up to do its part, working with like-minded partners around the world to disrupt and deter ransomware actors," she continued. "These efforts include disrupting ransomware networks, working with international partners to hold countries that harbor ransomware actors accountable, developing cohesive and consistent policies toward ransom payments, and enabling rapid tracing and interdiction of virtual currency proceeds."
Neuberger added that the private sector "has a critical responsibility to protect against these threats."
"All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location," she said, urging companies to "take ransomware crime seriously and ensure your corporate cyber defenses match the threat."
Neuberger urged corporations to implement the "five best practices" from Biden's executive order, including multifactor authentication; endpoint detection and response, to hunt for malicious activity on a network and block it; encryption, so that if data is stolen, it is unusable; and a skilled, empowered security team to patch rapidly, and share and incorporate threat information."
"These practices will significantly educe the risk of a successful cyberattack," she wrote.
Neuberger also said companies should back up their data, system images and configurations, regularly test them, and keep the backups offline.
"Maintaining current backups offline is critical because if your network data is encrypted with ransomware, your organization can restore systems," she wrote.
"Ransomware attacks have disrupted organizations around the world, from hospitals across Ireland, Germany and France, to pipelines in the United States and banks in the U.K.," Neuberger continued. "The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public."
Neuberger said the U.S. government is working with countries around the world to "hold ransomware actors and the countries who harbor them accountable, but we cannot fight the threat posed by ransomware alone.
"The private sector has a distinct and key responsibility," she said. "The federal government stands ready to help you implement these best practices."