The White House warned corporate executives and business leaders to step up security measures to protect against ransomware attacks after intrusions disrupted operations at a meatpacking company and a southeastern oil pipeline.
The ransomware attack has been significantly increased in recent days, said Anne Neuberger, cybersecurity adviser at the National Security Council. As the threats are more serious, she also urged to take the critical steps to protect all organizations and the American public. The recent cyberattacks have forced companies to see ransomware as a threat to core business operations. The ransomware attacks nowadays are not just a theft, they have shifted from stealing to disrupting operations.
Neuberger wrote that the private sector also has a critical responsibility to protect against these threats. Regardless of size or location, every organizations must recognize that no one is safe from being targeted by ransomware. She wrote this letter after an attack in a major meatpacker, that disrupted meat production in North America and Australia. A Russia-linked hacking group that goes by the name of REvil and Sodinokibi was behind the cyberattack against JBS.
There was also another major attack last month by a group with ties to Russia on Colonial Pipeline, which is the largest fuel pipeline in the United States. This crippled fuel delivery for several days in the U.S. Southeast. White House press secretary Jen Psaki said that Biden believes Russian President Vladimir Putin has a role to play in preventing these attacks and planned to bring up the issue during their summit this month.
Neuberger’s letter outlined immediate steps such as multifactor authentication, endpoint detection and response, encryption and a skilled security team for the company’s safety. Companies should back up data and regularly test systems, as well as update and patch systems promptly. She advised that companies test incident response plans and use a third party to test the security team’s work. She said it was critical that corporate business functions and production operations be run on separate networks.