The Biden administration has issued five best practices businesses can immediately enact to limit their exposure to a ransomware attack.
“The threats are serious and they are increasing,” Anne Neuberger, Biden’s deputy national security advisor for cyber and emerging technology, wrote in a new memorandum, according to multiple media outlets. Neuberger’s communication follows the White House’s heightened interest in securing alliances with the private sector to jointly combat cyber attacks. “The private sector also has a critical responsibility to protect against these threats, she said. “All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” she said.
The White House memo lists five best practices organizations can adopt to protect against ransomware hijackings that map directly to similar guidelines repeatedly offered by security specialists:
- Backup your data, system images, and configurations, regularly test them, and keep the backups offline.
- Update and patch systems promptly, including maintaining the security of operating systems, applications, and firmware, in a timely manner. Consider using a centralized patch management system.
- Test your incident response plan. Run through some core questions and use those to build an incident response plan.
- Check your security team’s work. Use a third-party pen tester to test the security of your systems and your ability to defend against a sophisticated attack.
- Segment your networks. Carefully filter and limit internet access to operational networks, identify links between these networks and develop workarounds or manual controls to ensure ICS networks can be isolated and continue operating if your corporate network is compromised.
“To understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations,” Neuberger wrote. “We urge you to take these critical steps to protect your organizations and the American public.”
The bulletin follows a recent spate of destructive, high profile ransomware attacks and hacks aimed U.S. and global critical infrastructure and corporations, most notably:
- Colonial Pipeline energy attack
- Avaddon ransomware-as-a-service
- Conti healthcare attacks
- CNA financial
- AXA insurance
- HSE, Ireland's health service
- JBS food processor
- SolarWinds
