White House urges private companies to protect themselves from ransomware attacks

The White House has sent an open letter to private companies to take urgent actions to protect themselves against ransomware attacks, following major attacks by Russian hackers on oil pipelines and food processing companies.

Anne Neuberger, the National Security Council's senior cyber officer, writes to corporate executives and industry leaders in a letter, sent out Thursday morning. 

"All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location," Neuberger said in the letter. "But there are immediate steps you can take to protect yourself, as well as your customers and the broader economy," The Washington Post reported.

She advised businesses to take many of the same defensive measures that the government has lately requested of federal agencies and companies that do business with the government.

The letter comes after JBS Foods, the world's largest meat supplier, announced that it had been struck by a cyberattack attributed by the FBI to Russian hackers – REvil and Sodinokibi, causing key areas of its operations to be shut down. Late Wednesday, the business stated that it planned to be operating near full capacity by Thursday.

"The most important takeaway from the recent spate of ransomware attacks on U.S., Irish, German and other organizations around the world is that companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively," Neuberger said in the letter.

Ransomware has risen to the top of President Joe Biden's national security priority list as a result of the recent cyberattacks. It is likely to be discussed in Europe next week, at meetings with allies, and during his summit with Russian President Vladimir Putin. The government accuses Russia of carrying out cyberattacks on the US as well as housing ransomware hackers.

Neuberger observed a “recent change in ransomware attacks – from data theft to disruption of operations.” She recommended companies ensure that their "corporate business functions and manufacturing/production processes are segregated," so that an attack on business records, such as emails or billing procedures, does not disrupt vital production and supply lines.

The letter, written by Neuberger was also sent to important companies that work with the Department of Homeland Security's agency in charge of protecting critical infrastructure, the Cybersecurity, and Infrastructure Security Agency.

The ransomware attack on the Colonial Pipeline Company last month, followed by the weekend attack on JBS USA, a major meat manufacturer, demonstrates how these attacks can damage businesses and essential industries across the United States.

As the White House released its statement on Thursday, the Cox Group, which has 57 radio and television stations in 20 American markets, was targeted by ransomware attacks. The administration of Mobile County, Alabama, said late Wednesday that its systems had been held captive with ransomware, NYT reported.

Picture Credits: FCW