The Biden Administration Just Delivered a Stark Warning About Ransomware

“Paying a ransomware only exacerbates and accelerates this problem.”

Ben Margot/AP

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

Key oil and gas pipelines and one of the world’s largest meat suppliers have ground to a halt in recent weeks by cyberattackers who have demanded exorbitant ransoms. Today, Energy Secretary Jennifer Granholm offered a stark warning during her appearances on Sunday morning talk shows: The US power grid is vulnerable to those sorts of debilitating attacks, and the nation’s laws do not adequately address the growing issue.

“There are thousands of attacks on all aspects of the energy sector and the private sector generally,” Granholm told CNN’s Jake Tapper, adding that hackers “do” have the capacity to shut down the US power grid through their attacks.

The energy secretary’s warning arrives after last month’s cyberattack on Colonial Pipeline, which operates one of the country’s largest pipelines carrying refined gasoline and jet fuel. The attack forced the company to shut down 5,500 miles of pipeline and oil supply was choked on the East Coast for weeks—even after Colonial Pipeline ended up paying the $4 million the hackers had demanded. JBS, which supplies one-fifth of the world’s meat, identified a similar attack on its systems last week and shut down all beef production at its facilities in the aftermath. They did not respond to the hackers’ demands and restored operations days later, but the brief shutdown sparked panic over meat shortages and risks to other food providers. Ransomware attacks have become a pervasive threat beyond these recent high-profile events, shutting down everything from ferry rides to virtual classes, according to a recent analysis from the Washington Post.

Both of the recent prominent attacks are reportedly the work of Russian hackers and will be a subject of discussion between Biden and Russian President Vladimir Putin when they meet in Geneva, Switzerland, this week during Biden’s first international trip as president. 

Granholm noted that the Transportation Security Administration now requires pipelines to notify the Energy Department of ransomware attacks in real-time, a change intended to loop in the right experts before matters escalate. But the energy secretary acknowledged that cyber standards that are sufficiently robust to keep energy resources safe do not exist, and she encouraged companies to work with the Biden administration to establish guidelines. “There are basic standards, cyber standards, that they adhere to, cyber standards that are developed by the Department of Commerce,” Granholm explained, “and we need that same sort of regime with pipelines. And that does not exist at the moment.

She also advocated for a law banning companies from paying the ransom hackers demand. “We need to send this strong message that paying a ransomware only exacerbates and accelerates this problem,” Granholm said on NBC’s Meet the Press. “You are encouraging the bad actors when that happens.”

Granholm took the opportunity to connect these vulnerabilities with potential solutions offered in Biden’s American Jobs Plan, which would provide investments in the country’s power grids that could increase their resilience against such attacks.

We've never been very good at being conservative.

And usually, that serves us well in doing the ambitious, hard-hitting journalism that you turn to Mother Jones for. But it also means we can't afford to come up short when it comes to scratching together the funds it takes to keep our team firing on all cylinders, and the truth is, we finished our budgeting cycle on June 30 about $100,000 short of our online goal.

This is no time to come up short. It's time to fight like hell, as our namesake would tell us to do, for a democracy where minority rule cannot impose an extreme agenda, where facts matter, and where accountability has a chance at the polls and in the press. If you value our reporting and you can right now, please help us dig out of the $100,000 hole we're starting our new budgeting cycle in with an always-needed and always-appreciated donation today.

payment methods

We've never been very good at being conservative.

And usually, that serves us well in doing the ambitious, hard-hitting journalism that you turn to Mother Jones for. But it also means we can't afford to come up short when it comes to scratching together the funds it takes to keep our team firing on all cylinders, and the truth is, we finished our budgeting cycle on June 30 about $100,000 short of our online goal.

This is no time to come up short. It's time to fight like hell, as our namesake would tell us to do, for a democracy where minority rule cannot impose an extreme agenda, where facts matter, and where accountability has a chance at the polls and in the press. If you value our reporting and you can right now, please help us dig out of the $100,000 hole we're starting our new budgeting cycle in with an always-needed and always-appreciated donation today.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate