The biggest ransomware attack in 2021 is policymakers, cybersecurity experts and corporate leaders on whether businesses should be banned from paying cybercriminals as part of their efforts to combat growing cyber threats. Further controversy arose among them.

Companies and other organizations caught up in sophisticated hacker crosshairs usually reward criminals for malicious work or lose irreplaceable data in return for regaining control of their computer networks. You have to choose whether to refuse the payment at the expense of resuming operations.

President Joe Biden met with top national security executives and experts on Wednesday to discuss new tactics and policies amid increasing pressure on the administration to find ways to contain the threat.

White House spokesman Jen Psaki later told reporters and authorities told Biden, “What’s new about their work in progress: surge capacity, resilience and reporting, dealing with payment systems, and fighting ransomware. “Our ongoing efforts” were provided. She added that the president “reserves the right to respond to the ransomware network and the networks that contain it.”

File-Staff enters the headquarters of information technology company Kaseya in Miami with dateless still images from the video.

The July 4 holiday weekend attack targeted US-based software supplier Kaseya and more than 1,000 customers worldwide. It was a series of similar invasions resulting from criminal gangs believed to be active from Russia.

Russian-speaking cybercriminal group REvil has been accused of attacking meat processor JBS USA in June, claiming to have infected more than a million “systems” and admitting its latest hit. The group is demanding a $ 70 million ransom in cryptocurrencies in exchange for a “universal” key to unlock affected machines. According to cybersecurity firm Recorded Future, ransomware payments will be the highest ever.

“Terrible situation”

Cybersecurity experts say it’s very unlikely that affected businesses (from Swedish grocery stores to New Zealand kindergartens) will unite to pay the ransom, but the incident is a ransomware attack. It presents the challenges often faced by victims of.

Philip Reiner, Chief Executive Officer of the Security Technology Institute, said: “It’s a terrible situation for the CEO and the board to attend.”

FBI Secretary Christopher A. Wray said companies and organizations targeted by ransomware attacks should not pay hackers to unlock data, but immediately seek help from law enforcement authorities. Stated.

File-JBS processing plant is dormant on June 1, 2021 in Greeley, Colorado. JBS facilities around the world were affected by the ransomware attack, forcing many to shut down.

JBS USA reportedly paid $ 11 million to the hacker who caused the May 30 malware attack that temporarily shut down the company across North America and Australia. Colonial Pipeline paid a ransom of $ 4.4 million after a hacker forced the closure of the largest fuel pipeline in the United States on May 7. The FBI later recovered most of the colonial ransom payments.

In ransomware attacks, hackers lock the victim’s computer network and often hold them hostage until the cryptocurrency ransom is paid. Depending on the magnitude of the attack, this could force the enterprise to shut down its entire operations.

Ransomware attacks have increased both in frequency and severity over the past 1-2 years due to the rise of cryptocurrencies that allow pseudo-anonymous payments and a business model that even unsophisticated cybercriminals can participate in. ..

In addition, as cybercriminals are increasingly targeting critical services such as hospitals and schools, US and other Western officials are treating ransomware as a national security threat. The White House described ransomware as a “national security and economic security priority” in a statement released late Tuesday.

Anne Neuberger, deputy national security adviser for cyber and emerging technologies, told the nonpartisan National Association of Attorneys last month that the Biden administration has four ransomware strategies. Identify and track cryptocurrency criminal transactions and review government ransomware payment policies.

Pay or not pay

One of the most difficult questions facing government authorities is whether companies and other organizations covered by ransomware should be banned from paying ransom. Proponents of the ban argue that ransomware is motivated by profits, so removing financial incentives will drive ransomware criminals out of business. Opponents say banning ransom payments can seriously undermine the efforts of companies to recover their businesses.

File-White House National Security Adviser Anne Neuberger spoke at a press conference in Washington on February 17, 2021.

“This is a very difficult policy decision,” Neuberger said last week at an online event hosted by Silverard Policy Accelerator, a bipartisan policy organization focused on improving US prosperity and competitiveness. It was. “When thinking through it, we need to think about the secondary and tertiary effects and approach with a lot of careful thought.”

In addition, Neuberger said that critical US infrastructure is owned and operated primarily by the private sector, limiting the government’s ability to make business decisions such as whether to pay a ransom. It was.

Instead of banning ransom payments altogether, she showed that the government is considering incentives that the government can offer to organizations to avoid having to pay the ransom first.

“If a company is a victim of ransomware … they are in a difficult situation. There is a process to get the company to that difficult place,” Neuberger said. “What are the incentives we can do to actually reshape the process?”

At the same time, the government is reviewing its policy on whether ransom payments can be kept secret. The scope of the ransomware attack remains uncertain, as many victims have quietly negotiated with ransomware gangs and have not publicly approved payments, Neuberger said.

Meanwhile, some parliamentarians are demanding legislation that requires businesses to notify the government of violations and report all ransom payments.

Senator Mark Warner of the Senate Intelligence Committee said, “What’s happening around ransomware right now is transparent because it doesn’t report any attacks, nor does it report ransomware payments. Need to be increased. ” At NBC’s Meet the Press last month.