Biden Administration Calls for Private Sector Action to Combat Ransomware Attacks

With ransomware attacks on the rise, the Biden administration yesterday called on corporations to take several “highly impactful steps” to help address these “serious” and “increasing” threats. Those steps include implementing the five best practices from President Biden’s recent executive order on improving the nation’s cybersecurity: multifactor authentication, endpoint detection and response, encryption, and a “skilled, empowered security team” that can rapidly patch, share and act on threat information.

In addition to these best practices, the White House said, corporations should also back up their data, system images and configuration, regularly test them, and keep the backups offline; update and patch systems promptly; test their incident response plan; use a third-party to test the firm’s security systems; and segmenting the firm’s networks to ensure business continuity in the event of a cyber attack.

“The private sector . . . has a critical responsibility to protect against these threats,” said the letter to business leaders. “All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location. . . . [W]e urge you to take ransomware crime seriously and ensure your corporate cyber defenses match the threat.”