One thing is for certain, the Biden Administration spends a lot of time talking about cyber threats and cyber attacks.
But is it being consistent with how it talks about these challenges?
We heard something surprising during a White House press conference this week that was in contrast to the usual messaging.
Secretary of State calls out Russia on ransomware attacks
In May, President Biden issued an Executive Order, detailing plans to improve cybersecurity in both the public and private sector.
And often, the administration has talked tough on nation-state cyber attacks.
That continued this week when Secretary of State Antony Blinken spoke with CNN Español to discuss the recent ransomware attacks that have affected U.S. infrastructure.
Blinken believes that more countries need to hold cybercriminal groups accountable when these groups are hiding in their country.
"I think it's the obligation of any country to do whatever it can to find these enterprises, and to bring them to justice, including in the case of the attack on the Colonial Pipeline. The enterprise that was responsible [for] that attack, its leaders were in Russia, are in Russia, so I think there's an obligation on Russia's part to make sure that that doesn't continue."
He also mentions that countries can no longer look the other way on hacking:
"Countries around the world [need] to make commitments and then make good on those commitments, not to harbor criminal enterprises that engage in these attacks and on the contrary to seek them out and to stop them."
Press Secretary sends different message on ransomware
Typically, we have heard the administration say that the solution to ransomware is one that involves both the public and private sectors.
However, in a press conference on June 2, Press Secretary Jen Psaki said that the recent attacks are a private sector versus a criminal enterprise problem, contrary to previous messaging from the White House.
Reporter question: "On the JBS hack, these hackers based in Russia have disrupted American gas supplies and American meat supplies. Why do you think that these ransomware attacks have been rising since President Biden took office?"
Press Secretary Jen Psaki: "Well, first I would say these are private sector entities who have a responsibility to put in place measures to protect their own cyber security. As it relates to why criminal actors are taking actions against private sector entities, I don't think I'm the right one to speak to that."
Reporter question: "So total coincidence?"
Psaki: "I think you could certainly go track down those cyber criminals in Russia and have a good chat with them."
It is difficult to say why Psaki made these comments, but this does seem to be a different take on the recent ransomware attacks.
White House memo to business leaders on ransomware
The day after Psaki's comments, the Biden Administration made clear to business leaders that they need to step up their game in cybersecurity.
The National Security Council's top cyber official, Anne Neuberger, wrote an open letter and had this to say:
"All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location. We urge you to take ransomware crime seriously and ensure your corporate cyber defense match the threat.
The most important takeaway from the recent spate of ransomware attacks on U.S., Irish, German and other organizations around the world is that companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more effectively."
Neuberger also suggests that companies "immediately convene their leadership teams" to assess their risk exposure.
Cybersecurity industry reaction to White House ransomware comments
Following these comments, cybersecurity experts began to share their thoughts on the current landscape of ransomware and what the memo really means.
Rick Holland, CISO and VP of Strategy at Digital Shadows, said:
"Anne Neuberger's memo to 'corporate executives and business leaders' presents an opportunity for security leaders to move their security agenda forward. The extortion threat is a clear and present danger, and despite internal efforts, often, it takes external guidance to help justify budget and resources.
The memo ends with 'the federal government stands ready to help you implement these best practices.' This is an interesting statement as many of the recommendations require significant investments in time and money. I don't see how the Federal government will help with the costs of implementing the recommended best practices."
To be fair, the way the government and the private sector talk about information security evolves along with the threat landscape. And right now, that landscape is being dominated by ransomware attacks.
Cyber attorney Shawn Tuma summed up the threat while presenting at a recent SecureWorld conference:
"I believe cybersecurity and especially ransomware is the single greatest threat that companies face. As we sit here today, more than COVID shutdowns, more than fluctuating currency, all these other things. This is the biggest issue, because this is literally the one scenario short of maybe nuclear war where you go to bed tonight, your company's doing great financially and doing great operations. You wake up tomorrow morning with a call from your CISO saying we are now shut down. Our company is out of business until we get this resolved. That's big."
And it creates a big impact in the real word.
