“Harboring criminal entities that are intending to do harm, that are doing harm to the critical infrastructure in the United States is not acceptable. We’re not going to stand by that, we will raise that, and we are not going to take options off the table,” White House press secretary Jen Psaki said Wednesday.
This is a business model. But this is larger than a standoff between countries as these criminal hackers target the US. Everything on the internet is at risk.
That people are paying, then, means this phenomenon is going to get worse before it gets better.
“I think the takeaway is that if you are a corporate executive or a local government head and you thought that you would be spared, guess what? They went after your gas, they went after your hotdogs, no one is out of bounds here. Everyone is in play in every single corporation,” Christopher Krebs, former director of the US Cybersecurity and Infrastructure Security Agency, on recent ransomware attacks, told NBC’s Today show.
Cyber hygiene is necessary. Every US company and organization needs to protect itself, said Eric Goldstein, the current assistant director at CISA, in a statement.
“Regardless of the ransomware actor or strain, good cyber hygiene is highly effective in reducing the impacts of an intrusion. Our joint advisory released after the Colonial Pipeline attack provides critical guidance for all organizations.”
The hack of the world’s largest meat producer, JBS, a Brazilian company whose subsidiaries control a quarter of US beef processing and a large portion of pork processing, was disclosed Tuesday by the White House, which promised to re-focus on the issue and to raise it with Russia, the government thought to be harboring hackers.
It’s not clear, of course, if the company is paying the ransom. If they’re getting back online this quickly, you’ve certainly got to assume they could have.
The FBI on Thursday attributed the JBS cyberattack to REvil and Sodinokibi ransomware and praised the meat company for quickly responding to the hack.
“We have attributed the JBS attack to REvil and Sodinokibi and are working diligently to bring the threat actors to justice. We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable,” the FBI said in a statement. “A cyber attack on one is an attack on us all.”
But there are so many hacks we don’t hear about.
The FBI issued an alert in May, for instance, which was published by the American Hospital Association, that a ransomware variant known as Conti had targeted “US healthcare and first responder networks, including law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year.” The FBI has identified 16 Conti attacks in the US this year, which are among 400 total known Conti attacks, 290 of which are in the US.