FBI Director Raises Alarm Over Ransomware Threats to U.S.

The FBI is investigating 100 ransomware variants, stated director Christopher Wray, who revealed that many of them trace back to Russian hackers. He noted that the cyberattacks share “a lot of parallels … a lot of importance, and a lot of focus by us on disruption and prevention” with the September 11 terrorist attacks. Most recently, a ransomware attack on Colonial Pipeline cost its operators $4.4 million to regain control and restore services (however, federal authorities recovered $2.3 million in cryptocurrency yesterday). Another attack targeted JBS, the world’s largest meat processing company. 

Others have involved critical areas such as infrastructure, financial institutions, schools, hospitals, even law enforcement.

The Wall Street Journal reports Wray noted that, “the scale of this problem is one that I think the country has to come to terms with.” President Joe Biden plans to “bring up the problem” during a June 16 summit in Geneva with Russian president Vladimir Putin.

Since Wray became FBI director in 2017, he has “pushed the private sector and international community to collaborate more with the FBI to battle hackers, including those from criminal gangs and foreign intelligence services,” with the goal of piecing “together the puzzle of who was behind the attacks and figure out ways to thwart them.”

Deputy Attorney General Lisa Monaco also “issued a memorandum to U.S. attorney’s offices around the country urging all ransomware investigations to be coordinated with a task force created in April.” At cybersecurity firm Mandiant, vice president of analysis John Hultquist noted that, “we will have to be creative and aggressive if we want to turn back the tide of this problem.”

Ransomware has increased due to “huge profit margins, ease of payments through digital currency and lack of criminal consequences.” In addition, most cyberattacks are aimed at private companies, “most of which operate with little to no federal regulatory oversight of their cybersecurity standards.”

White House deputy national security adviser Anne Neuberger wrote a memo to corporate executives urging them to “immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.”

The New York Times reports that, currently, “ransomware attacks are striking every eight minutes, crippling hospitals and American mainstays like gas, meat, television, police departments, NBA basketball and minor league baseball teams, even ferries to Martha’s Vineyard.” In addition to high-profile hacks, “American businesses are quietly paying off their digital extortionists and burying breaches in hopes that they never see the light of day.”

China targets U.S. intellectual property and Russia has breached U.S. power and nuclear plants. Former secretary of defense Leon Panetta noted that, “despite the vulnerabilities these attacks reveal, individuals, organizations and policymakers have yet to fundamentally change their behavior.” A “Cyber Pearl Harbor,” he pointed out, could be what’s required for the U.S. to take meaningful action.

VentureBeat reports that, according to cloud security company Forcepoint, “in a survey of 508 global CEOs and CISOs, 90 percent of respondents said they were adopting, or considering, Secure Access Service Edge (SASE) and 74 percent had reallocated funds to cybersecurity.”

The WSJ Intelligence report found that, although “analysts previously estimated 60 percent of enterprises would eventually embrace SASE by 2025 … the pandemic had accelerated many of their plans.”

Related:
U.S. Seizes $2.3 Million in Bitcoin Paid to Colonial Pipeline Hackers, Reuters, 6/7/21
With Cyberattacks on the Rise, Organizations Are Already Bracing for Devastating Quantum Hacks, CNBC, 6/7/21
Hackers Stole $650,000 From Nonprofit and Got Away, Showing Limits to Law Enforcement’s Reach, The Wall Street Journal, 6/7/21