Contents:
Following the recent ransomware attacks, Deputy National Security Advisor, Anne Neuberger requested that US mayors convene a conference with state agency chiefs as soon as possible to assess the US cybersecurity situation.
According to an FBI public service announcement made last year, local governments have been subjected to a steady stream of ransomware attacks in the past years.
Neuberger outlined the measures the Biden Administration has already taken to modernize cyber defenses, including the recent “Improving the Nation’s Cybersecurity” Executive Order (E.O.) and the Administration’s ongoing efforts to partner with the public and private sectors to strengthen cyber defenses including for critical infrastructure. She spoke about the recent public-private Cybersecurity Industrial Control Systems Initiative and its pilot program to strengthen cyber resilience in the electric sector, noting the electric sector pilot will soon be followed by similar initiatives to strengthen the cyber resilience of other critical sectors like pipelines, water, and chemicals. In a reference to her open letter to the private sector, Neuberger reiterated the need for private and public sector partnership to effectively guard against ransomware and urged mayors to immediately convene heads of state agencies to review their cybersecurity posture and continuity plans.
According to the White House National Security Council’s principal cybersecurity adviser, the Biden administration is prepared to provide local and state governments with all the federal resources they might need to respond to cybersecurity crises, as experts from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) are ready to assist at any moment.
Anne Neuberger outlined as well the Administration’s ransomware strategy, which includes:
- disruption of ransomware infrastructure and actors by working closely with the private sector;
- international cooperation to hold countries who harbor ransom actors accountable;
- expanding cryptocurrency analysis to find and pursue criminal transactions;
- and the federal government’s review to build a cohesive and consistent approach towards ransom payments.
Back in June, The Deputy National Security Advisor urged the US business leaders and corporate executives to take ransomware seriously, after the damages seen in the aftermath of the Colonial Pipeline and JBS ransomware attacks.
The threat of ransomware is a national security and economic security priority for the Administration.
Tomorrow the President will convene key leaders across the interagency to discuss ransomware and strategic efforts to counter it.
The Impact of Kaseya Cyberattack on the US Cybersecurity
In related news, the President of the US said that the REvil ransomware attack that hit Florida-based MSP software provider Kaseya caused “minimal” damage to US companies.
It appears to have caused minimal damage to US businesses, but we’re still gathering information to the full extent of the attack. And I’m going to have more to say about this in the next several days.
Kaseya also declared in a press release that the supply-chain ransomware attack had a limited impact even though REvil claimed to have encrypted over 1,000,000 systems.
This is a collaborative effort to remediate the issue and identify the parties responsible so they may be held accountable.
We are beyond grateful for their assistance in getting our customers back online. The immediate action-oriented and solution-based approach of CISA and the FBI, with tremendous overall support from the White House, has proven to be a huge help in ensuring that this attack led only to a very small number of impacted customers. While each and every customer impacted is one too many, the impact of this highly sophisticated attack has proven to be, thankfully, greatly overstated.