Successful ransomware attacks happen every eight minutes in the United States. Last year, security firm Recorded Future tracked an estimated 65,000 such intrusions.
Recent cyberattacks shut down gasoline and jet fuel deliveries on the East Coast and temporarily shuttered production from one of the world’s leading pork and beef producers.
The U.S. works to “disrupt and deter” ransomware attackers
The situation, involving much of the nation’s most critical infrastructure, is so precarious that the Biden administration issued a letter to American businesses on June 3, urging them to upgrade security against ransomware attacks.
Deputy National Security Adviser Anne Neuberger drafted the letter, saying the administration is working with (unnamed) partners to interfere with cybercriminals’ efforts to deploy ransomware, which is a type of malware that encrypts digital information until the target pays a ransom.
Companies urged to take defensive steps
American businesses operate and maintain nearly 85% of the nation’s critical infrastructure. But many of these companies have lobbied hard against regulations over minimum levels of cybersecurity. Most of the measures they do take are voluntary. The White House memo says businesses can improve security now by taking two steps:
- Installing a patch for a well-known flaw in VPN networks
- Implementing multi-factor authentication for employees
Security experts identified the VPN flaw more than a year ago. However, many companies have not yet installed the patch, leaving their systems vulnerable. In turn, many companies are compromised when workers respond to a phishing email, entering a password or clicking on a malicious link, providing a gateway for hackers.
Attacks are expected to get worse
Colonial Pipeline paid a $4.4 million ransom to cybercriminals against the FBI’s advice in one of the most recent attacks. But the company didn’t restart fuel deliveries before panic buying of gasoline gripped the East Coast, and airlines ran short of jet fuel.
The attack on JBS, one of the world’s largest beef suppliers, was instigated by a Russian attacker, one of numerous such groups. On the day the White House released the memo, new ransomware attacks were reported on Cox Media Group and the county government in Mobile, Alabama.