WASHINGTON — Cyberattacks and ransomware will be one of the issues President Joe Biden intends to raise during his first foreign trip as commander in chief, an issue of special significance for his meeting with Russian President Vladimir Putin.
In recent weeks, high-profile ransomware attacks on vital U.S. infrastructure brought greater public awareness to both these types of hacks and the vulnerability of large parts of the nation’s economy.
A ransomware attack is a type of hacking in which a cybercriminal will infiltrate a computer system and compromise data or operations. The hacker will then require financial compensation from the owner of the system for the data or systems to be returned to the owner.
“All ransomware attacks are crimes. They should be prosecuted to the full extent of the law and every responsible nation should take action against the criminals,” National Security Advisor Jake Sullivan said to reporters earlier this month, adding that Biden will “100%” raise the issue of ransomware and cyberattacks with Putin.
In May, a ransomware attack on Colonial Pipeline scrambled payment systems, forcing the firm to temporarily shut down a pipeline that supplies oil to a large swath of the eastern U.S.
An attack this month on JBS USA, the American affiliate of the world’s largest meat producer, rendered its systems inoperable for a day.
That both hacks were carried out by Russian-based cyber groups has also raised national security concerns.
Biden plans to raise ransomware at Russian summit
White House press secretary Jen Psaki says ransomware issues are going to be addressed at an upcoming Russian summit. “We’re not taking any options off the table in terms of how we may respond,” Psaki says. (June 6)
“These attacks have been on the rise for years because these criminal groups are able to make a profit off the backs of businesses, schools, local governments, and more,” White House press secretary Jen Psaki said during a June 3 press briefing.
Psaki added that “ransomware is a global problem” that “disrupt organizations around the world,” a lens that now informs the White House’s thinking on combatting the threat.
While the Federal Bureau of Investigation has said that neither of the groups that carried out the most recent high-profile attacks is directly affiliated with the Russian government, White House aides have repeatedly stressed that “responsible countries do not harbor cybercriminals,” a clear condemnation of Russian inaction.
The ransomware issue further goes to the heart of Biden’s overarching narrative about competition between “democracy versus autocracy,” a lens through which the administration sees its global relationships and conflicts with countries like China, Iran and Russia.
Wray: FBI guidance frowns on ransomware payments
The FBI’s director told lawmakers Thursday that it discourages ransomware payments to hacking groups even as major companies in the past month have participated in multimillion-dollar transactions aimed at getting their systems back online. (June 10)
In discussing U.S. ransomware policy, Sullivan noted that “how to share information about the nature of the threat among our democracies” was a cornerstone of U.S. strategy and that how we collectively speak with one voice to those countries, including Russia, that are harboring or permitting cyber criminals to operate from their territory” is a key priority for Biden heading into meetings with the G7 in the United Kingdom and NATO in Brussels.
The White House has also taken an increasingly stern tone with American businesses as it looks to reorient its cyber-strategy to the new environment. New technologies like cryptocurrency have also earned special attention from national security aides.
Sullivan specified the “cryptocurrency challenge” in ransomware “lies at the core of how … these ransom transactions are played out.”
Administration officials have not specified what measures the administration is contemplating regarding cryptocurrencies, though the FBI recently recover over half of the funds in Bitcoin paid to the hacking group “DarkSide.”
In a June 3 letter, the National Security Council’s top cyber official, Anne Neuberger, also wrote a letter to corporations urging them to ensure their cyber capabilities were strong enough to resist a ransomware attack.
“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” Neuberger wrote. “We urge you to take ransomware crime seriously and ensure your corporate cyber defense match the threat.”
“Our focus is on the destruction of ransomware infrastructure and actors, including through close cooperation with the private sector,” Psaki added at her June press briefing, continuing that national security officials are also focused on “expanding cryptocurrency analysis to find and pursue criminal transactions.”
Follow Matthew Brown online @mrbrownsir.