The White House Urges Businesses to Protect Against Ransomware

“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location.“

On June 2, 2021, a letter from The White House was sent to U.S. business leaders urging them to take proactive steps to strengthen their cybersecurity.

An Open Letter From The White House

Read the full letter from Ann Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology: Subject: What We Urge You To Do To Protect Against The Threat of Ransomware

An “All-of-Government Effort”

Private and public businesses who had fallen victim to ransomware attacks have increased by more than 150%, causing tremendous expense to remediate the incident, and erosion in trust from existing and future business opportunities.

When the Colonial Pipeline, the largest refined oil pipeline system in the U.S., fell victim to a ransomware attack, it forced the business into shutting down its operations for 6 days, and paying the $4.4 million dollar ransom. The broader impact of this attack caused a severe consumer gas shortage on the U.S. East Coast, which drove the price of gas up throughout most of the country.

Days later, affected states declared a state of emergency, and The White House issued a statement on an “all-of-government” effort to secure energy supply chains.

The Colonial Pipeline ransomware attack was reported to have originated from a leaked password found on the Dark Web which could access the company’s VPN (Virtual Private Network). Since the VPN did not require multi-factor authentication to access, the cybercriminals easily penetrated the Colonial Pipeline’s network and threatened to leak sensitive data unless the ransom was paid.

How Does Ransomware Work?

Ransomware is a type of malware that infects a computer or server. Once the ransomware is installed on a device, the attacker uses encryption to block the user from gaining access to important files. These files can be customer information, payroll, or any other types of sensitive information inside an organization. The attackers leave a message on the infected machine demanding that the user sends money, usually in digital currency like Bitcoin, in exchange for unlocking the files.

Often, data locked by ransomware cannot be decrypted, even by security specialists. If your data is not backed up appropriately, you may have little choice but to rebuild from scratch. The attacker may unlock the encrypted data, but it’s not a guarantee. And even if you do get your data back, ransomware can cause significant business interruption and downtime.

Defendify Tip: Choosing to pay or not to pay is a difficult decision. The key to defend against ransomware is by practicing regular cybersecurity assessments and tests, having policies on technology use and providing regular awareness training for the entire team, scanning networks and devices for malicious activity, and having the means to proactively contain a breach. In addition, always keep backups of your data.

Addressing the Growing Ransomware Threat

With estimates totaling $19+ billion dollars in combined ransomware payment and downtime costs made by U.S. organizations impacted by a ransomware attack, a recent Executive Order from The White House placed new cybersecurity requirements on organizations who provide products and services to U.S. Federal agencies.

The White House has since shared many of these requirements in their June 2, 2021 letter to private sector business leaders as guidance to encourage these organizations to strengthen their cybersecurity against evolving ransomware attacks.

“To understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.“

The White House cybersecurity recommendations for business leaders include:

1. Implement the five best practices from the President’s Executive Order (14028).
2. Backup your data, system images, and configurations, regularly test them, and keep the backups offline.
3. Update and patch systems promptly.
4. Test your incident response plan.
5. Check your Security team’s work.
6. Segment your networks.

Read the full open letter from The White House with more details on the categories above and resources to help strengthen overall cybersecurity.

Building Up Defenses Against Ransomware

‘We urge you to take ransomware crime seriously and ensure your corporate cyber defenses match the threat.”

Organizations with limited security resources and staff often can’t manage a comprehensive (and often expensive) cybersecurity program. That said, protecting data across your entire organization does not mean you will need to build a complicated security technology stack, and hire an internal team of security experts to manage it 24/7.

Defendify can help streamline cybersecurity assessments, testing, policies, training, detection and response through an easy-to-use platform designed to continuously strengthen cybersecurity across people, process, and technology. Recently awarded “2021 Best in SMB Cybersecurity” by Cyber Defense Magazine, Defendify is trusted by thousands of global users to build up cybersecurity defenses that help detect and defeat today’s sophisticated cyber threats.

More cybersecurity resources you might be interested in:

Presentation: Unpacking Executive Order 14028: Improving the Nation’s Cybersecurity
Free Stolen Password Scan: See if your credentials are on the Dark Web
Blog: No Security Team? No Problem.