'We’ve seen an increase': White House warns about an uptick in ransomware attacks

Ben Werschkul

One day after the Biden administration rolled out a sweeping new executive order on artificial intelligence, the White House is convening leaders from around the world to confront what it considers another pressing issue: ransomware.

The third International Counter Ransomware Summit kicks off Tuesday, with representatives from about 50 countries in attendance. Biden officials hope to use the event to finalize a wave of new efforts designed to counteract the "ransomware ecosystem."

These digital attacks happen when an organization's data is either stolen or encrypted and then money is demanded in return for either returning the data or keeping it private.

"We've seen an increase in the first half of 2023 in ransomware attacks worldwide," Anne Neuberger, Biden’s deputy national security advisor focused on cybersecurity, said in an interview with Yahoo Finance ahead of the conference.

She noted that White House data shows a 45% increase in ransomware attacks compared with the last half of 2022.

WASHINGTON, DC - MARCH 21: U.S. Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks during a White House daily press briefing at the James S. Brady Press Briefing Room of the White House on March 21, 2022 in Washington, DC. White House Press Secretary Jen Psaki held a daily press briefing to answer questions from members of the press. (Photo by Alex Wong/Getty Images)
Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks at the White House in 2022. (Alex Wong/Getty Images) (Alex Wong via Getty Images)

This wing of cybercrime has bloomed into a certified industry in recent years with hackers — many of whom are based in places like Russia — launching attacks that can target a range of organizations from private companies to infrastructure projects to hospitals to entire governments.

The business and government leaders are gathering in Washington this week to share intelligence and discuss government and private sector diligence on the issue. In addition, the White House is hoping to forge consensus and plan the launch of new initiatives, such as efforts to track and blacklist hackers' digital wallets and a new platform to allow governments to share threats more quickly.

The summit is part of the International Counter Ransomware Initiative that launched in 2021 with 30 members and has steadily grown alongside the threat.

An uptick in threats

Ransomware attacks this year may not have generated the widespread attention that accompanied attacks in 2021 at places like Colonial Pipeline and meat producer JBS, but the frequency of these economically damaging attacks has nevertheless ticked up.

In recent months, organizations from Clorox to CommonSpirit Health, a Catholic health system, have revealed attacks and ransom payments. Just last weekend, Stanford University announced an investigation in a recent cybersecurity incident at the school’s Department of Public Safety.

Colonial Pipeline storage tanks are seen in Woodbridge, N.J., Monday, May 10, 2021. Gasoline futures are ticking higher following a cyberextortion attempt on the Colonial Pipeline, a vital U.S. pipeline that carries fuel from the Gulf Coast to the Northeast. (AP Photo/Seth Wenig)
A ransomware attack on Colonial Pipeline briefly led gas prices to spike in 2021 as cybercriminals jeopardized a vital US pipeline that carries fuel from the Gulf Coast to the Northeast. (AP Photo/Seth Wenig) (ASSOCIATED PRESS)

While hard data on ransomware attacks is all but impossible to quantify with certainty — organizations often opt not to disclose the breaches publicly — experts agree that a spike has been evident this year.

Anti-ransomware company BlackFog recently called 2023 "another record-breaking year" for ransomware with a long list of publicly disclosed attacks that it says comes in addition to the thousands of attacks that are kept private.

And a recent private notification from the Federal Bureau of Investigation warned of a new flavor to the threat: the rise of dual ransomware attacks where the same company is targeted in quick succession.

New efforts under debate this week

The Biden administration's message to private companies is to not pay the ransoms and also disclose the attacks in order to help government enforcement efforts that focus on the attackers who often prefer to operate in secret.

"When in doubt, report it out," counsels the White House’s guide for businesses.

One aspect of this week’s conference will be an effort to share new intelligence with foreign governments, following recent attacks in locales as wide-ranging as Costa Rica and Israel.

Another aspect of intelligence-sharing efforts that the White House is undertaking this week aims to create a new shared blacklist of cryptocurrency-holding digital wallets in order to force hackers to set up cumbersome new wallets rather than simply reuse them around the world.

"We know there's no magic shot to stop ransomware actors, we just want to make it riskier, costlier, and harder," Neuberger added of efforts like the digital wallets database.

AI is another big focus of the week’s cybersecurity conversations and loosely tied to the Biden administration’s larger AI executive order that was unveiled Monday and covered everything from sharing AI models with the government to immigration policy.

President Joe Biden signs an executive on artificial intelligence in the East Room of the White House, Monday, Oct. 30, 2023, in Washington. Vice President Kamala Harris looks on at right. (AP Photo/Evan Vucci)
President Joe Biden signs an executive on artificial intelligence in the East Room of the White House on Monday as Vice President Kamala Harris looks on. (AP Photo/Evan Vucci) (ASSOCIATED PRESS)

In remarks Monday, President Biden drew a direct link between AI and cybersecurity. He noted that "in the wrong hands, AI can make it easier for hackers to exploit vulnerabilities in the software that makes our society run."

On the ransomware front, Biden officials are hoping to forge consensus at this week's conference around an initiative that would use AI to power new blockchain analysis efforts and use the technology to more effectively search through terabytes of digital data for clues.

At the same time, there is an understanding that these hackers can use — and almost surely already are using — AI to power ever more malicious intrusion tools.

In an interview earlier this year, business executive Betsy Atkins called AI an "exponential weapon we put in the cyber criminals' hands."

As President Biden put it Monday when discussing the government’s view of AI: "To realize the promise of AI and avoid the risks, we need to govern this technology."

Ben Werschkul is Washington correspondent for Yahoo Finance.

Click here for politics news related to business and money

Read the latest financial and business news from Yahoo Finance

Advertisement