Biden Considers U.S. Response to Growing Ransomware Threat

July 8, 2021 by

President Joe Biden on Wednesday discussed the possibility of responding to a spate of ransomware attacks against U.S. entities that are believed to be perpetrated by Russian-linked hackers, a growing concern for his administration.

Biden gathered members of his national security team in a morning meeting to develop a strategy against the attacks, according to White House Press Secretary Jen Psaki. She would not say if the administration has attributed the attacks to the Russian government or criminal actors, or if the U.S. has decided to respond.

“What they did discuss is the fact that the president reserves the right to respond against any ransomware networks and those that harbor them. That continues to be his policy,” Psaki told reporters aboard Air Force One as Biden traveled to Illinois.

Psaki said senior national security officials have engaged with the Russian government about the cyber and ransomware attacks, and both countries have also held expert-level talks about the issue.

The assaults have nonetheless continued, even after Biden set red lines for cyberattacks during a summit in Geneva last month with Russian President Vladimir Putin. At that meeting, Biden said he gave Putin a list of 16 critical sectors that, if attacked, could provoke U.S. retaliation.

Biden is coming under pressure to respond following an audacious attack over the July 4 holiday weekend that affected more than 1,000 businesses with victims in at least 17 countries, according to cybersecurity researchers. A Russia-linked ransomware gang known as REvil is believed to be behind the attack, which exploited multiple previously unknown vulnerabilities in IT management software made by Kaseya Ltd.

That was followed by a cyberattack against the Republican National Committee by a network of Russian government hackers, according to two people familiar with the matter. Psaki said the U.S. is investigating the attack, but did not say whether the administration has attributed it to the Russians.

House Republican Leader Kevin McCarthy has said the Kaseya attack showed that Biden was “weak on Putin” during their Geneva summit. His political ally Donald Trump was reluctant to criticize Russia for hacking and election interference throughout his presidency.

But Democratic Senator Richard Blumenthal also urged Biden to respond to Putin.

Another major ransomware attack has paralyzed American businesses. If this was masterminded by Russian cybercriminals, as has been reported, it couldn’t happen without Putin’s green light. The time for words&warnings is over. He only understands firm, proportionate consequences. https://t.co/tSWTjCJUlU

— Richard Blumenthal (@SenBlumenthal) July 3, 2021

In ransomware attacks, hackers encrypt a victim’s computer network and demand a ransom to decrypt it. Ransomware groups also sometimes steal documents and demand money not to make them public, a second form of extortion.

Ransomware attacks globally increased 41 percent since the beginning of the year and 93 percent year-over-year, Check Point Software Technologies said last month.

The White House has ramped up discussions about the issue in the wake of the incidents. Deputy national security adviser for cyber and emerging technologies, Anne Neuberger, discussed ransomware vulnerabilities and strategies with the U.S. Conference of Mayors on Tuesday.

Cities and towns and local institutions, including hospitals, have fallen victim to attacks. Neuberger, in the virtual meeting, told the mayors that a recent pilot program to bolster the defenses of electric utilities would “soon be followed by similar initiatives to strengthen the cyber resilience of other critical sectors like pipelines, water, and chemicals,” the White House said. The statement did not elaborate.

She pledged that that local and state and governments would “have the full resources of the federal government when responding to a cyber incident, including the assistance of cybersecurity professionals from the FBI and the Cybersecurity and Infrastructure Security Agency,” the White House added.

Neuberger said the administration’s strategy included international efforts to hold nations where ransomware crews operate responsible.

Top Photo: U.S. President Joe Biden Photographer: Sarah Silbiger/UPI/Bloomberg