anne neuberger
Image: Columbia SIPA/YouTube

Top White House cyber official urges Trump to focus on ransomware, China

When President Donald Trump once again takes office in January, he’ll have to confront some of the same cybersecurity issues he dealt with during his first term — but in some cases they’ve only gotten worse.

Anne Neuberger, the U.S. deputy national security adviser for cyber and emerging technologies, spoke at Columbia University on Wednesday and was asked about what pressing cyber challenges the new administration should tackle in its first 100 days. 

“I’m going to put them into three bins. China, criminal groups like ransomware actors, and then AI, which cuts across all of them. China has been stealing corporate secrets, corporate R&D to advance their economy, and stealing government secrets. Let's be candid. All governments do, most governments do,” she said, referencing the years-long concern about the Salt Typhoon and Volt Typhoon campaigns launched by China’s government. 

“What's really changed with China, we've seen, is pre-positioning in pipelines, in water systems, in power systems which don't have intelligence value. And our concern is that that pre-positioning is to disrupt, to make it difficult to operate those systems in a time of crisis or conflict.”

She then highlighted the issue of ransomware groups and cybercriminal gangs, which she called “the most disruptive set of adversaries today in cyberspace.” 

Neuberger told the audience that she was the U.S. Representative at a UN Security Council session last Friday where the Director General of the World Health Organization and others spoke at length about the damage caused by recent ransomware attacks.

“We had the CEO of a national hospital chain talk about how they couldn't operate for weeks. They were using runners to run images into surgery as a result,” she said. 

“That's driven by cryptocurrency and the $1.3 billion in ransoms paid in the U.S. alone in 2023 and it's driven by a global ecosystem, and the fact that Russia provides safe haven, but it's a global problem,” she said, adding that more than half of all ransomware attacks target the U.S.

Pass the baton

The Biden administration has learned a lot about the best ways to handle each of the issues, she said, adding that cybersecurity is still a relatively bipartisan issue, allowing both sides to “pass the baton” relatively easily to the next administration.

Two key pillars of Biden’s strategy that Neuberger hopes the Trump administration takes on is the push for minimum cybersecurity requirements and international partnerships. 

A pivotal lesson the Biden administration learned was about the need for the government to tailor cyber regulations for each industry and work with the private sector before rolling out new measures — which Neuberger said they learned the hard way following the release of new cyber rules governing pipelines after the Colonial Pipeline ransomware attack

“So Colonial Pipeline happened. And the President turned to me and said, and how could this happen? How can you shut down the only pipeline along the eastern seaboard?” she said. 

“The real issue was we weren't requiring any cybersecurity rules for the pipeline. So based upon that, for the first time ever, the President used his emergency authorities for pipelines, and we quickly rolled out requirements, and only then started consulting with the private sector.”

The White House then held three rounds of meetings in the Situation Room to get industry leaders intelligence briefings on cybersecurity threats and consulted them on regulations that could be realistic. The meetings allowed federal regulators to negotiate with companies on rules that would not just be window dressing but that acknowledge the costs associated with cybersecurity coverage, she said.

According to Neuberger, after the release of renewed rules last October, inspections of each critical company in the pipeline sector showed 53% had adopted minimum cybersecurity standards and the rest had not.

As of October 2024, 100% of critical pipelines — about 90 in the United States — now meet minimum cybersecurity requirements under Transportation Security Administration regulations, Neuberger explained. 

For railways, the other industry that saw cyber regulations handed down in the first year of the Biden presidency, just 21% initially met minimum cyber requirements. As of last month, 68% do. The aviation industry was the third to get cyber regulations, and 0% met minimum standards when they were first rolled out. Now, 57% do.

“So that gives you a picture of measuring what matters, defining what the requirement is, and then, frankly, measuring it. And under regulatory authorities, TSA don’t just measure it, they also can give a plan and say, ‘Folks, you've got to address what it takes, and we're coming back to inspect thereafter,’” she said. 

She noted that the federal government also now has to contend with the Supreme Court’s decision in the Loper Bright Enterprises v. Raimondo case — known colloquially as the “Chevron decision” — which will affect how federal agencies go about regulating the industries they govern. 

Neuberger added that one of the thorniest issues she foresees continuing being a problem is cryptocurrency, which she said is funding rogue governments and “fueling ransomware attacks” because it is the “way that ransomware attackers make money and move money around the world.”

“We see it in terms of funding all kinds of illicit activities, from sanctions evasion to terror activity,” she said. 

“And finally, we see countries like North Korea hacking the stores where crypto is stored, and essentially gleaning billions of dollars that we believe funds the majority of their missile program advancements that bring huge instability to that region and potentially intercontinentally.”

The cryptocurrency industry heavily backed the Trump campaign, bankrolling ad campaigns in multiple states. Howard Lutnick, a key member of Trump’s transition team, is deeply financially tied to Tether — one of the most controversial currencies that law enforcement believes is intertwined with arms dealers, scammers and others.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.