White House national security staff took the Biden administration’s strategic thinking on ransomware prevention to the local government mayors this week, as administration advisors continued to work through a long list of policy items aimed at curbing the attacks and making them less profitable.
The flurry of activity – from the staff level up to President Biden – produced little in the way of headline news but illustrated that the administration is pushing ahead with its efforts to deal with the problem.
Meeting with Mayors
On the local level, Anne Neuberger – the White House’s Deputy National Security Advisor for Cyber and Emerging Technology – met with the U.S. Conference of Mayors to discuss cybersecurity challenges including ransomware. The talk included ongoing administration work on ways to disrupt ransomware infrastructure and attackers, win cooperation from international partners, block ransom payments made with cryptocurrency, and develop a “cohesive and consistent” Federal policy on whether the private sector should pay off their attackers.
Neuberger, the White House said, “reinforced the administration’s commitment to ensure state and local governments have the full resources of the federal government when responding to a cyber incident, including the assistance of cybersecurity professionals from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA).” She also briefed mayors on steps they can take to improve their cyber defenses.
Along those same lines, Neuberger followed up on her recent urging for public-private partnerships to guard against ransomware attacks, and “urged mayors to immediately convene heads of state agencies to review their cybersecurity posture and continuity plans.”
White House Policy Deliberations
Meanwhile, at the White House, President Biden and Vice President Harris met with national security advisors for an internal update on the administration’s whole-of-government efforts to address ransomware attacks.
White House Press Secretary Jen Psaki said the meeting included discussions of surge capacity, resiliency and reporting requirements, and payment systems, but declined to offer more details.
She also pointed to the administration’s nascent talks with the Russian government about what should be off-limits in cyber attacks originating from Russia – a topic that President Biden and Russian President Vladimir Putin discussed last month.
“What is new is this level of engagement … at the highest level, ongoing high-level engagement from our national security officials with the Russian government, and expert-level talks about the cyber and ransomware attacks,” Psaki said.
She stopped short of laying blame for the recent Kaseya ransomware attack on Russian-based attackers – although some private-sector analysts have already done so.
“We don’t have anything new to report in terms of attribution, nor do we have anything to preview in terms of operational actions or considerations,” Psaki said. She reiterated that President Biden “reserves the right to respond against any ransomware networks and those that harbor them.”
In a brief exchange with reporters today, President Biden declined to talk about details of any message he has for President Putin following the Kaseya attack and his briefing from advisors. But he indicated that perhaps a message has been crafted, telling reporters, “I will deliver it to him.”
RNC Hack Statement
Finally, the Republican National Committee reported on Tuesday that one of its third-party service providers had been hacked, but said that a subsequent investigation showed that no RNC data was accessed.
Speaking today, the White House’s Psaki, said, “the FBI, CISA are in touch with the RNC … we will determine attribution and make a decision accordingly.”
“We’ll conclude the investigation and make an assessment,” she said. “In terms of operational considerations, obviously it’s not in our interest to preview those or preview our punches, as I like to say. The President has a range of options should he determine to take action.”