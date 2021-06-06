WASHINGTON – For years, the federal government treated ransomware as a criminal menace – not as urgent as hacking by foreign spies. But after a spasm of high-profile attacks that jarred the nation, the U.S. government now has begun framing the issue as a matter of national – and global – security.
The FBI director this week compared it to the challenge posed by the Sept. 11, 2001, terrorist attacks. On Thursday, a top White House cyber official urged corporate America to strengthen its computer security. And on Friday, the White House said that President Joe Biden will raise the issue of Russia's harboring ransomware criminals when he meets with Russian President Vladimir Putin next week in Geneva.
"We know that the ransomware threat is urgent, it's complex, and it's been increasing over the last several years," White House press secretary Jen Psaki said. "It feels new to us over the last couple of weeks, but it has been increasing rapidly around the world over the last several years."
She noted this week that many of the world leaders with whom Biden will gather at the annual Group of Seven meeting next week "have similar concerns."
Until about a year and a half ago, ransomware extortion – in which hackers lock up victims' machines with malware and then demand hefty fees to unlock the data – was seen primarily as cybercrime. It afflicted schools, hospitals and businesses, but the disruptions were considered isolated. No one was known to have died, and the disruptions were limited to the entities that were hacked.
Then came the pipeline attack last month that shut down almost half the East Coast fuel supply. That was followed this week by another that threatened the nation's largest meat supplier, and quickly it became painfully apparent that malware devised by criminals could have effects that threaten national security.
"I don't think that attention is going to go away anytime soon," said Michael Phillips, co-chairman of the Ransomware Task Force, a group of industry, government and academic experts that in April produced a set of recommendations for the Biden administration on combating ransomware. "People want to know that the U.S. government can protect them from these kinds of attacks."
After the Colonial Pipeline attack last month, Biden launched an initiative to address the dangers of ransomware, including the creation of a global coalition to hold countries that shelter ransomware criminals accountable. The spadework for that began shortly after Biden took office, and the initiative complements an executive order he signed last month to shore up the federal government's digital defenses, an effort the administration hopes will spur the private sector to bolster its own cybersecurity.
One of the strategy's most significant elements is to remove the cloak of anonymity around the digital ransoms victims pay, to crack down on the criminals. The ransoms can run into the millions of dollars – Colonial Pipeline paid $4.4 million last month to a Russia-based group – paid out in cryptocurrencies like bitcoin.