They also exposed the limits of the federal government’s ability to prevent major disruptions in American life, at least based on existing laws and the resistance of some private companies to federal interference.

As Biden prepares for his first trip abroad, the issue is expected to play an inordinate role during his talks with European leaders, especially his summit with Russian President Vladimir Putin in Geneva, Switzerland.

The potential for more widespread shutdowns of various industries, affecting more Americans or over longer periods of time, is a major concern within the administration that has only grown as ransomware attacks become more frequent, according to people familiar with the subject.

Yet the White House stopped Friday from describing them as “threats to national security.”

“I certainly think the president sees this as a growing concern for national security,” said press secretary Jen Psaki. She said hacks were “an area where we need to continue to stay focused, to keep our assets, to focus our energy and our intelligence on what we can do about it.”

A delicate dance

Biden said this week he was “closely examining” retaliation in response to a ransomware attack on a major U.S. meat producer, which the White House quickly identified as being carried out by a group working in Russia.

He did not elaborate, but administration officials and others with knowledge of the situation said a multitude of options to dismantle the Russian criminal hacking networks responsible for this attack and others would be likely included in a recently commissioned “strategic review” by Biden.

This includes retaliatory measures, including counterattacks, officials said.

“We always reserve the right to react to unacceptable and harmful behavior or actions,” Psaki said Friday. “Some of these answers are visible and some are invisible.”

The White House described the review as focused on disrupting the ransomware infrastructure, rallying allied support to hold countries like Russia accountable for hosting hacking networks and analyzing transactions. of cryptocurrency to better identify criminals.

The United States considers ransomware groups operating in Russia to have de facto clearance from Moscow, which has not taken significant steps to crack down on their activity. But US sanctions against Russia have become limited in their effectiveness. Since the hackers are not technically state sponsored – unlike those responsible for the SolarWinds attack on government agencies, according to U.S. intelligence agencies – it is trickier to blame Putin on him. -even.

Biden sought to strike a careful balance last month.

“We don’t think the Russian government was involved in this attack,” he said, “but we have good reason to believe that the criminals who carried out the attack are living in Russia.”

Speaking on the sidelines of an economic forum in St. Petersburg on Friday, Putin rejected accusations that Russia was involved.

“I heard about some kind of meat processing factory, some kind of nonsense,” he said. “It’s just ridiculous. The pipeline is just ridiculous.”

Limited response options

Law enforcement officials, including those with experience in the federal government, have said options to prevent ransomware attacks are limited.

“It’s not something the FBI or any single agency is going to be able to solve or prevent. There is nothing we can do. There is no quick fix,” said Andrew McCabe, the former deputy director of the FBI and a senior law enforcement analyst at CNN.

“The biggest area in which the government has fallen behind is to impose significant consequences,” he added. “These actors are not going to stop and the governments – that is to say, Russia – which offer them refuge, which protect them, which allow them to operate from their territory, will never intervene and will stop this until the US government imposes serious impactful consequences. Beyond sanctions, beyond harsh rhetoric. We actually need to start taking action against these people in the space they occupy. “

The White House did not provide a deadline for its review, although officials said it was being conducted urgently. Biden told his aides he believes the U.S. government needs to do more, beyond an executive order he signed last month, to protect vulnerable systems.

This ordinance only applied to federal contractors, but officials said at the time that they expected private companies to follow suit.

Advocacy to take ransomware more seriously

Top White House cybersecurity official Anne Neuberger this week issued a rare open letter to businesses calling on them to treat the threat of ransomware attacks with greater urgency.

“All organizations must recognize that no business is immune to being targeted by ransomware, regardless of its size or location,” Neuberger wrote. “We urge you to take the crime of ransomware seriously and ensure that your corporate cyber defense matches the threat.”

An attack last month on Colonial Pipeline that left gasoline running out, causing fuel shortages along the east coast, made Biden and officials understand the seriousness of the ransomware problem, an official close to the Ransomware said. folder. Biden was at Camp David when the hack came to light and received emergency updates from his national security team.

The problem was previously on the president’s radar, but the speed at which the hack disrupted a major U.S. pipeline surprised the president and shed light on the huge universe of areas that could be affected by ransomware hackers, the manager said.

Ransomware poses an urgent threat to U.S. national and economic security, Deputy Attorney General Lisa Monaco said on CNBC on Friday, calling on U.S. companies to cooperate more with the FBI and disclose to law enforcement when they give in to the pirates’ demands for payment.

Monaco’s remarks are part of a highly visible effort by the Biden administration to convince the public that it is reacting aggressively to the ransomware crisis, which has resulted in widespread disruption in critical industries.

His comments follow claims made by FBI Director Christopher Wray comparing ransomware to 9/11 and the threat of terrorism. When asked if she agreed with Wray’s characterization, Monaco disagreed with the analogy.

“I absolutely agree that we need to treat ransomware and cyber attacks like the national security threat that they are,” she told CNBC. “That’s why we have to have a national image, and we have to put all our tools to work.”

As Biden prepares to embark on his first overseas trip as president, he hopes to elevate the issue with key U.S. allies.

His national security adviser, Jake Sullivan, spoke about the ransomware in phone calls this week with his German and French counterparts, according to White House statements, reflecting the heightened urgency around the issue at the White House.

And that should be a major talking point with Putin at the much-anticipated Geneva summit.

“Ransomware attacks remind us that the cyber domain is subject to misconceptions and that there are dangerous risks of escalation,” Eric Green, senior director for Russia at the National Security Council, said on Friday at a event showcasing Biden’s trip to the Washington think tank. for a new American security.

CNN’s Alex Marquardt, Natasha Bertrand, Kaitlan Collins and Brian Fung contributed to this report.

Leave a Reply

Your email address will not be published.