The Biden administration is finalising a strategy on how to deter companies from paying out to cybercriminals who hit them with a ransomware attack. Key allies are doing the same.
The White House initiative, months in the making, is being fine tuned against the background of a 2 July supply chain attack on US software provider Kaseya which has locked hundreds of organisations worldwide out of their systems. The incident has been described as the largest-ever ransomware attack.
Other high-profile victims of similar attacks in recent weeks have been meat processor JBS and eastern US fuel supplier Colonial Pipeline, which were both forced to suspend operations for a period.
The National Security Council, which is studying how to stop debilitating attacks on critical infrastructure entities, is considering how to beef up companies’ cyber security and stop the attacks by disincentivising companies from paying out ransoms.
Missed PrivSec Global’s livestream experience?
No problem, simply click here to access the sessions on demand.
There are nearly 50 recommendations, including the government should mandate organisations to report ransom payments and ransomware should be formally designated as a national security threat so it can be prioritised by the intelligence community, US-based broadcaster CNN reported.
The other ‘Five Eyes’ nations, the UK, Canada, Australia and New Zealand which share intelligence with the US, have also been reviewing their strategies to counter ransomware attacks and will likely release them around the same time to send a strong global message, said Megan Stifel, a co-chair of the Ransomware Task Force.
The Biden administration have been pushing with foreign partners to urge cryptocurrency exchanges outside the US to alert governments to suspicious transactions to allow officials to better track and potentially block them.
“The bottom line is ransomware has gone from an economic nuisance, which is how it was perceived back in 2013 and 2014, to a national security threat and a public health and safety threat,” said Michael Daniel, president and CEO of the Cyber Threat Alliance and a former co-chair of the Ransomware Task Force.
“It is no longer just a side-line cybercrime problem, but something that requires a whole-of-government approach to deal with. That’s why it is good that the administration is putting out a strategy focused on ransomware; that is what it is going to take to knock this problem back.”