The White House warned corporate executives and business leaders on Thursday to step up security measures to protect against ransomware attacks after intrusions disrupted operations at a meatpacking company and a southeastern oil pipeline.
There has been a significant hike in the frequency and size of ransomware attacks, Anne Neuberger, cybersecurity adviser at the National Security Council, said in a letter.
“The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public,” she added.
The recent cyberattacks have forced companies to see ransomware as a threat to core business operations and not just data theft, as ransomware attacks have shifted from stealing to disrupting operations, she said.
Strengthening the country’s resilience to cyberattacks was one of President Joe Biden’s top priorities, she added.
“The private sector also has a critical responsibility to protect against these threats. All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” Neuberger wrote.
The letter came after a major meatpacker resumed U.S. operations on Wednesday following a ransomware attack that disrupted meat production in North America and Australia.
A Russia-linked hacking group that goes by the name of REvil and Sodinokibi was behind the cyberattack against JBS SA , a source familiar with the matter told Reuters.
The cyberattack followed one last month by a group with ties to Russia on Colonial Pipeline, the largest fuel pipeline in the United States, which crippled fuel delivery for several days in the U.S. Southeast.
Biden believes Russian President Vladimir Putin has a role to play in preventing these attacks and planned to bring up the issue during their summit this month, White House press secretary Jen Psaki said on Wednesday.
Neuberger’s letter outlined immediate steps companies can take to protect themselves from ransomware attacks, which can have ripple effects far beyond the company and its customers.
Those include best practices such as multifactor authentication, endpoint detection and response, encryption and a skilled security team. Companies should back up data and regularly test systems, as well as update and patch systems promptly.
Neuberger advised that companies test incident response plans and use a third party to test the security team’s work.
She said it was critical that corporate business functions and production operations be run on separate networks.
(Reporting by Doina Chiacu Editing by David Holmes and Steve Orlofsky)