CEOs should prepare now for the exponential increase in ransomware attacks, top DOJ official says
A senior Justice Department official warned Friday that US business leaders must do more to prepare for an onslaught of ransomware attacks by foreign states and criminal groups.
"The message has to be to viewers here, CEOs across the country, that they are seeing the exponential increase in these attacks," Lisa Monaco, Assistant Attorney General, told CNBC's Eamon Javers in her first television interview since joining the Justice Department in April.
Monaco, who has spearheaded the DOJ's efforts to deter cyberattacks, said the recent high-profile hacks on the Colonial Pipeline and meat processing company JBS mirror the types of break-ins that happen every day.
"If you don't take steps – today and now – to understand how to make your business more resilient, what is your plan?" said Monaco, addressing business leaders. "If your chief security officer came up to you today and said, 'We've been met, boss,' what's your plan? You know, and does your chief security officer know the name and number of the FBI officer closest to you? Who cares about ransomware attacks? These are steps you must take now – today – to become more resilient."
Monaco, who was a homeland security advisor to former President Barack Obama, issued a memo to the country's federal attorneys on Thursday calling for the reporting of ransomware attacks to be centralized. Shortly after joining the DOJ, she initiated a 120-day review of the cybersecurity challenges the department is facing.
"What we are doing here at the Justice Department reflects the threat that ransomware poses to national and economic security," Monaco said.
The two most recently publicized attacks, against Colonial Pipeline and JBS, have been linked to criminal groups in Russia. Monaco declined to speculate on whether Russian President Vladimir Putin, a U.S. adversary, played a role in the debilitating attacks.
"We know that the recent attacks against JBS Foods and Colonial Pipeline have actually been linked to criminal actors, criminal groups known to law enforcement and ties to Russia, and these are attackers who have already struck, it reflects one persistent threat," said Monaco.
"Today, Eamon, businesses are actually being attacked by ransomware attacks, from malicious cyber attackers, whether they are criminals, nation-states, or what we call a 'mixed threat' of the two," she added.
JBS, the world's largest meat packer, was hit by a cyberattack on Monday that affected its operations in North America. As of Tuesday, the company said it had made significant strides in restoring the internet but did not reveal whether it paid a ransom.
Monaco said she doesn't know if the company paid a ransom. But she said, "I think we need to know" when companies are paying in response to attacks. Investigators, including the FBI, should be able to "follow that money," she said, regardless of the fact that it is often paid in cryptocurrency.
Colonial Pipeline CEO Joseph Blount said his company paid a ransom of $4.4 million in bitcoin to DarkSide, the criminal group behind the attack. DarkSide shut itself down in May but had reportedly received $90 million in bitcoin ransom payments.
"The use of cryptocurrency can of course have many good applications, but we have to be aware of the abuse, the abuse of criminal actors in this area," said Monaco. "So we need both the exchanges and the companies that are going to work with them to really work with the FBI."
Monaco also said that it is vital for companies – especially those that are publicly traded – to disclose when they have been hit by ransomware attacks.
“It is important for the public to understand the steps companies are taking to make themselves more resilient,” she said.
Also on Friday, the FBI released a statement on the recent ransomware attacks, calling its investigation a "top priority."
"The FBI has a long history of addressing unique challenges in cyberspace and of imposing risks and ramifications on our nation's cyber adversaries," it said. "Thanks to trusting relationships with our partners from the private sector, we are indispensable in the fight against cyberattacks."