The Washington gathering was held during a relentless
stretch of ransomware attacks that have targeted critical infrastructure and
major corporations, as well as other illicit cyber operations that US
authorities have linked to foreign hackers.
The Biden administration has been urging the private sector
to do its part to protect against those increasingly sophisticated attacks. In
public remarks before the meeting, Biden referred to cybersecurity as a
"core national security challenge" for the US.
"The reality is most of our critical infrastructure is
owned and operated by the private sector, and the federal government can't meet
this challenge alone," Biden said. "I've invited you all here today
because you have the power, the capacity and the responsibility, I believe, to
raise the bar on cybersecurity."
After the meeting, the White House announced that Google had
committed to invest $10 billion in cybersecurity over the next five years,
money aimed at helping secure the software supply chain and expand zero-trust
programs.
The Biden administration has looked for ways to safeguard
the government's supply chain following a massive Russian government
cyberespionage campaign that exploited vulnerabilities and gave hackers access
to the networks of US government agencies and private companies.
Microsoft, meanwhile, said it would invest $20 billion in
cybersecurity over the next five years and make available $150 million in technical
services to help local governments upgrade their defences. IBM plans to train
150,000 people in cybersecurity over three years, Apple said it would develop a
new programme to help strengthen the technology supply chain, and Amazon said
it would offer to the public the same security awareness training it gives to
employees.
Top executives of each of those companies were invited to
Wednesday's meeting, as were financial industry executives and representatives
from the energy, education and insurance sectors. A government initiative that
at first supported the cybersecurity defences of electric utilities has now
been expanded to focus on natural gas pipelines, the White House said
Wednesday.
Though ransomware was intended as one aspect of Wednesday's
gathering, a senior administration official who briefed reporters in advance
said the purpose was much broader, centred on identifying the "root causes
of any kind of malicious cyber activity" and also ways in which the
private sector can help bolster cybersecurity. The official briefed reporters
on the condition of anonymity.
The meeting took place as Biden's national security team has
been consumed by the troop withdrawal in Afghanistan and the chaotic evacuation
of Americans and Afghan citizens. That it remained on the calendar indicates
the administration regards cybersecurity as a major agenda item, with the
administration official describing Wednesday's meeting as a "call to
action."
The broad cross-section of participants underscores how
cyberattacks have cut across virtually all sectors of commerce. In May, for
instance, hackers associated with a Russia-based cyber gang launched a
ransomware attack on a major fuel pipeline in the US, causing the pipeline to
temporarily halt operations. Weeks later, the world's largest meat processor,
JBS, was hit with an attack by a different hacking group.
In both instances, the companies made multimillion-dollar
ransom payments in an effort to get back online.
Biden on Wednesday pointed to a summit with Russian
President Vladimir Putin in June when he said he made clear his expectation
that Russia take steps to rein in ransomware gangs because "they know
where (the hackers) are and who they are."
0 comments:
Post a Comment