1. News
June 7, 2021

Biden administration tells businesses to seriously ramp up cybersecurity

By Eric Johansson

US businesses have even more reasons to ramp up their cybersecurity after the White House doubled down on measures to tackle the threat of ransomware attacks.

Last week, the US Department of Justice essentially equated ransomware attacks – like the ones crippling meat packing business JBS and Colonial Pipeline in recent headlines – a similar priority to terrorism by advising US attorney offices to send information on hack attacks to a centrally coordinated task force.

On Sunday, US commerce secretary Gina Raimondo incentivised businesses’ cybersecurity efforts further by saying the White House considered all options, including military action, against ransomware criminals, Reuters reported.

“We’re not taking anything off the table as we think about possible repercussions, consequences or retaliation,” Raimondo said.

The news comes as Biden is gearing up to meet with Russian president Vladimir Putin next week. During the Geneva summit on 16 June, the two world leaders are expected to address the rising threat of ransomware gangs.

Russia is believed to harbour and directly support ransomware gangs, including the perpetrators  behind the SolarWinds supply chain attack in December 2020 that compromised US government departments like Energy, the Treasury and Commerce as well as a total of 18,000 organisations across the globe.

In April, both US and UK intelligence agencies officially stated that the SolarWinds hackers belonged to the Russian Foreign Intelligence Service, the Sluzhba Vneshney Razvedki (SVR), descendant of the foreign-operations arms of the Cold War KGB.

The White House retaliated against the hack – as well as election interference and allegedly putting bounties on US soldiers in Afghanistan – by announcing another wave of sanctions against Moscow. Up to 30 Russian entities were blacklisted and ten Russian diplomats were expelled from the US.

In May, Biden also proposed an allocation of $2.1bn for the Cybersecurity and Infrastructure Security Agency, representing a $110m increase from the 2021 enacted level.

Despite the White House putting ransomware attacks on the same level as terrorism, the $721.5bn, US Department of Defence budget suggest that there’s still some discrepancy in terms of the budgeting to tackle hack attacks and terrorism.