WASHINGTON — The White House is urging private companies to take “immediate steps” to better protect themselves against ransomware attacks following a pair of high-profile episodes in which hackers, allegedly located in Russia, targeted a major oil pipeline company and a meat supplier with operations in the United States.

In an open letter to “corporate executives and business leaders,” the National Security Council’s top cyber official said strengthening the nation’s resistance to cyberattacks is a top priority for President Biden. But she also stressed that “the private sector has a distinct and key responsibility.”

“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” Anne Neuberger, deputy national security adviser for cyber and emerging technology, said in the letter, dated Wednesday. “But there are immediate steps you can take to protect yourself, as well as your customers and the broader economy.”

The letter, which The Washington Post obtained from the White House, suggests a half-dozen steps that companies should take, including backing up their data, segmenting their networks and testing an incident response plan.

The letter follows a ransomware attack last month on Colonial Pipeline, followed by an attack disclosed over the weekend on JBS, a global meat supplier with operations in the United States.

On Wednesday, the FBI attributed the attack to a Russian-linked group known as both REvil and Sodinokibi. The disruption in meat supplies came as consumers already are paying more for steaks, chops and roasts because of the pandemic.

“The most important takeaway from the recent spate of ransomware attacks on U.S., Irish, German and other organizations around the world is that companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively,” Neuberger said in the letter.

Speaking Thursday at a briefing for reporters, White House press secretary Jen Psaki repeated earlier advice to companies not to pay ransom when attacked.

“Our guidance continues to be from the FBI that companies should not pay ransom because it incentivizes these attacks on other companies,” she said.

Biden plans to discuss Russia’s role in policing “ransomware criminals” within its borders when he holds a summit June 16 with Russian President Vladimir Putin, Psaki said Wednesday.

“There will be an opportunity for the president to discuss this directly with President Putin, to reiterate the fact that we believe that responsible states do not harbor ransomware criminals,” Psaki told reporters during a White House briefing. “We will continue to be in touch with Moscow. We will continue to make the case that responsible countries need to take decisive action against ransomware networks.”

Asked how the United States might respond, Psaki said, “We’re not taking options off the table.”

Comments are not available on this story.

« Previous

Biden offers tax deal to Republicans in infrastructure talks

Next »

White-knuckle thriller for AMC Entertainment as it sells stock into frenzy