WASHINGTON – The Biden administration is sounding increasingly urgent alarms about high-profile ransomware attacks that have caused widespread gas shortages, shut down meat processing plants and paralyzed hospitals, as officials step up efforts to combat cyber threats.
Christopher A. Wray, the director of the FBI, told The Wall Street Journal in an interview published Friday that the ransomware threat was comparable to the challenge of global terrorism in the days following the 9/11 attacks. of 2001.
“There are a lot of parallels, there is a lot of importance and a lot of attention on our part in disruption and prevention,” Wray said. “There is a shared responsibility, not only between government agencies, but also between the private sector and even the average American.”
The FBI, Wray said, is investigating 100 different software variants that have been used in various ransomware attacks, demonstrating the extent of the problem.
Mr Wray’s comments came after the Biden administration warned companies on Thursday that they needed to take urgent action to improve their cybersecurity and defend themselves against ransomware attacks. One of these attacks this week against a meat processor, JBS, forced the shutdown of nine beef plants and disrupted poultry and pork production. Last year, a large number of ransomware attacks in hospitals caused widespread concern.
A ransomware attack on Colonial Pipeline in May caused the company to close one of the country’s largest fuel pipelines, creating gas shortages across the east coast. Immediately after that attack, U.S. officials said Colonial’s cyber defenses were far from adequate and had done too little to defend themselves.
Ransomware is a form of malicious software that encrypts an organization’s data, rendering it unusable until money is paid to cybercriminals. Colonial Pipeline paid millions of dollars to release its data.
Although most ransomware attacks are carried out by criminal networks, some Russian and Chinese groups operate with the implicit blessing of their governments. In return, some criminal groups work for the spy agencies in these countries and take steps to ensure that local businesses are not affected.
Wray told the newspaper that Russia was hosting some of the most dangerous ransomware groups.
“If the Russian government wants to show that it is taking this issue seriously, there is a lot of room to demonstrate certain real progress that we are not seeing right now,” Wray said.
The Biden administration is looking for ways to pressure the Russian government to rule in its cybercrimes. Officials expect Russian President Vladimir V. Putin to raise the issue of cybersecurity at his next summit with Mr Biden.
Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, wrote Thursday in an open letter to corporations that the Biden administration was working with partners “to interrupt and deter” attacks. Ms Neuberger noted “a recent shift in ransomware attacks: from stealing data to disrupting operations.”
Mr. Wray’s comments were based on Mrs. Neuberger’s note. In his interview with The Journal, he said the pipeline attack had shown Americans how a cyberattack could affect their daily lives.
“Now realize that it can affect them when they buy petrol at the bomb or buy a burger; I think there is now a growing awareness of how much we are all together in this struggle,” he told the newspaper.
Any company that has waited for warnings from the federal government is already acting too late, Ofer Israeli, chief executive of Illusive Networks, a cybersecurity company, said Friday. But, he added, Mr. Wray’s comments and the administration’s efforts to raise the priority of responding to ransomware attacks were welcome.
“While it may be surprising to see things like Colonial Pipeline or JBS in the same conversation as events like 9/11, the two are not entirely different,” Israel said. “As the attackers continue to damage our nation’s critical infrastructure, major disruptions must be expected. Without clear direction on how to build a more robust defense, these disruptions will become disastrous. “
Last month, the Biden administration established an executive order that meant a first step in strengthening cybersecurity and included efforts to create review boards to study cyberattacks and collect lessons learned.
Cybersecurity experts have praised the steps taken by the Biden administration, but also said that companies need to think more creatively about the kind of defenses they have established.
“I would say that cybersecurity has tended largely to focus on cyber defense, building wide, deep moats, building strong, high-quality walls, and concentrating efforts on trying to prevent an opponent from accessing it,” withdrew the adm. Michael S Rogers, a former director of the National Security Agency, said in an interview last month.
But Admiral Rogers, who now advises cybersecurity companies, said such defenses were not enough.
“The second component of cybersecurity is not just cyber defense, but it will be resistance,” he said. “It’s this idea of,‘ Hey, then, how do I continue to operate when an opponent enters my network? “