The U.S. administration is stepping up efforts by working with like-minded partners around the world to disrupt and deter ransomware threats. This move it hopes will help tackle the rising number and size of ransomware incidents and strengthen the nation’s resilience from cyberattacks, both in the private and public sector.
The efforts of U.S. President Joe Biden’s administration include disrupting ransomware networks, working with international partnerships to hold countries that harbor ransomware actors accountable, developing cohesive and consistent policies towards ransom payments, and enabling rapid tracing and interdiction of virtual currency proceeds, according to a memo addressed to corporate executives and business leaders.
“The private sector also has a critical responsibility to protect against these threats. All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” Anne Neuberger, deputy assistant to the president and deputy National Security Advisor for cyber and emerging technology, wrote in the memo. “But there are immediate steps you can take to protect yourself, as well as your customers and the broader economy. Much as our homes have locks and alarm systems and our office buildings have guards and security to meet the threat of theft, we urge you to take ransomware crime seriously and ensure your corporate cyber defenses match the threat.”
The federal government proposes that business executives should immediately convene their leadership teams to discuss ransomware threats and review corporate security postures. Assessing business continuity plans will also help gauge the ability to continue or quickly restore operations.
Ransomware threats, and subsequent attacks, have disrupted organizations around the world, from hospitals across Ireland, Germany and France, to pipelines in the U.S. and banks in the U.K. The U.S. government is working with other countries to hold ransomware hackers and the countries who harbor them accountable, but it cannot fight the threat posed by ransomware alone. The private sector has a distinct and key responsibility, and the federal government stands ready to help it implement these best practices.
The administration proposes a list of priority actions, including implementing multi-factor authentication (MFA), endpoint detection capabilities, incident response capabilities, use of encryption, and developing a skilled, empowered security team. In addition, it advised both the public and private sector to backup data, system images, and configurations, regularly test them, and keep the backups offline; update and patch systems promptly; test their incident response plan; check security team’s work, and segment networks.
“The threats are serious and they are increasing. We urge you to take these critical steps to protect your organizations and the American public,” Neuberger added.
There have been a string of ransomware threats and exploits affecting industries across sectors, disrupting operations at industrial units and the critical infrastructure segments, including fuel pipeline operations. It is widely believed that the rise of such cybersecurity incidents has been due to a number of factors, including the remote working model adopted by most companies following the COVID-19 pandemic, the allure of cryptocurrency, and an increase in state-sponsored cyberattacks.
Industries in many countries have been recently attacked by ransomware, prompting the government’s moves. Fujifilm has been carrying out an investigation into possible unauthorized access to its server from outside of the company. The Japanese conglomerate has set up a special Task Force, including external experts, and “all networks and servers were shut down to determine the extent and the scale of the issue,” Fujifilm said in its statement on Friday.
“We confirmed that the unauthorized access we became aware of in the late evening of June 1, 2021 was a ransomware attack. We also confirmed that the impact of unauthorized access is confined to a specific network in Japan,” according to Fujifilm. “Starting today, with a clear understanding of the extent of the impact, we have begun to bring the network, servers, and computers confirmed safe back into operation.”
Ransomware exploits hit a ferry service operating out of Massachusetts, disrupting passengers and commercial traffic. The Steamship Authority, which runs to Martha’s Vineyard and Nantucket, revealed that the attack struck early on Wednesday morning, local time. On Sunday, the firm’s ticketing processes, including online and phone reservations, will continue to be affected.