Russian spies have penetrated U.S. government computer networks. Russian criminals have hit the U.S. gasoline and meat supplies. Can the president figure out how to stop the non-stop intrusions?

Transcript

ARI SHAPIRO, HOST:

President Biden faces an escalating battle in cyberspace. After multiple hacks, the FBI says it's investigating around a hundred different types of ransomware. The Justice Department says it will start treating ransomware in a manner similar to terrorism. So what are the prospects of success? NPR's Greg Myre has our story.

GREG MYRE, BYLINE: President Biden received no grace period when it came to cyber.

APRIL FALCON DOSS: The cyber pressures that this administration has faced so far have been relentless.

MYRE: April Falcon Doss is a former National Security Agency official who now heads a technology program at Georgetown's Law school. As the cyber breaches pile up, cyber experts say it's important to note the two distinct threats. Glenn Gerstell was a senior NSA official until last year.

GLENN GERSTELL: There clearly is a dividing line between cyber hacks for intelligence-gathering purposes and these ransomware attacks that are designed principally for financial benefit.

MYRE: On one side of that line is the SolarWinds attack uncovered last December. This was intelligence gathering by Russian spies quietly stealing U.S. government secrets. On the other side is ransomware, which is surging. Russian criminals are blamed for both the Colonial Pipeline attack that hit gasoline supplies in April and this week's hack that briefly shut down the world's largest meat supplier, JBS. These require different responses, Gerstell says. But he's quick to add...

GERSTELL: Both the intelligence attacks and some of the most significant ransomware attacks we have have one thing in common, and that's Russia.

MYRE: Biden says he'll raise the cyber issue with Russian leader Vladimir Putin at a June 16 summit in Switzerland. Despite all the evidence, Putin denies Russian involvement in the intelligence hacks and shrugs his shoulders when asked about the ransomware attacks from criminals based in Russia. Gerstell says the U.S. shouldn't accept this answer.

GERSTELL: It's almost impossible to believe that a major criminal gang would operate inside of Russia and have real-world effects in the United States and Putin wouldn't know about it.

MYRE: FBI Director Christopher Wray told The Wall Street Journal in a story published today that many of the hundred ransomware variants under investigation are linked to Russia. Last month, Biden laid out his cyber strategy in an executive order. April Falcon Doss says it's a good start.

DOSS: There are many departments and agencies across government that really have cybersecurity postures that lag behind where they should be.

MYRE: The government does face real limits when it comes to ransomware and private companies.

DOSS: The government won't be able to actively protect the private sector from any possible ransomware attack because, thankfully, the government doesn't control the internet, right? We wouldn't want that.

MYRE: Protecting the private sector falls to people like Adam Meyers, vice president for intelligence at the cybersecurity firm CrowdStrike.

ADAM MEYERS: These companies can't put their head in the sand and hope it's not going to happen to them. It is going to happen to them; it's going to be a matter of when.

MYRE: Meyers says too many companies aren't keeping their cyber defenses up to date. He cites the attack on the meat company, JBS, carried out with a malware known as REvil. Meyers knows it well but says many potential victims don't.

MEYERS: I guarantee lots of organizations in the food processing world right now googling how to find - what is REvil? And if you need to look it up when it's happening, you're in a real bad spot.

MYRE: How bad? I ask what the current ransom demand is for an attack on a large company.

MEYERS: I see the payments going out, and the payments are just, you know, stomach-churning figures - you know, $2-, $4-, $8-, $10-, $30 million.

MYRE: It's a price he believes many more companies will have to pay.

Greg Myre, NPR News, Washington.

(SOUNDBITE OF GLASS CANDY, "BEAUTIFUL OBJECT (INSTRUMENTAL)") Transcript provided by NPR, Copyright NPR.

Tags: ransomware  cybersecurity