The ransomware scourge, which previously had caught the federal government’s interest, has now captured its full attention as cyber extortion attacks on agencies, schools, hospitals and other big game targets have skyrocketed.
Collectively and individually, the Department of Homeland Security (DHS), the Department of Justice (DOJ) and Congressional members are sounding a loud clarion call warning of ransomware’s potential to hijack organizations in the public and private sectors, with losses reaching hundreds of millions of dollars.
“The threat is real. The threat is upon us. The risk is to all of us,” DHS Secretary Alejandro Mayorkas said during a virtual event Wednesday hosted by the U.S. Chamber of Commerce (via The Hill). “More than $350 million in victim funds were paid as a result of ransomware in this past year, and our rate of ransomware attacks has increased over the prior year by more than 300 percent,” Mayorkas said. “The losses from ransomware are staggering, and the pace at which those losses are being realized are equally staggering,” he said.
Mayorkas’ remarks line up with a recent study of 15,000 consumers conducted by security provider Kaspersky in which 56 percent of the victims said they had paid a ransom last year but only 29 percent of victims were able to restore all their encrypted or blocked files regardless of whether they paid up or not.
For its part, Justice is forming a Ransomware and Digital Extortion Task Force charged with ensuring the Department pursues cases involving ransomware attacks by adding more employee training, resources and cross-agency sharing of threat intelligence. The law enforcement agency will also launch a 120-day review of its strategy for defending the nation, including examining supply chain attacks, nation-state exploits, artificial intelligence, cryptocurrency and other emerging threats.
“There is a great deal to do, and we are launching this review to make sure we are bringing all the tools we can to address it,” Deputy Attorney General Lisa Monaco said during the virtual Munich Cyber Security Conference.
As for DHS, the security agency and its cyber wing, the Cybersecurity and Infrastructure Security Agency (CISA), will launch a series of 60-day initiatives to tackle ransomware, protect critical infrastructure, build international partnerships and address other security priorities. In early March, Mayorkas announced that Federal Emergency Management Agency (FEMA) cybersecurity grants will be bumped up by $25 million across the U.S. as part of a wide initiative to derail ransomware.
Biden administration officials have termed ransomware attacks a threat to national security and an epidemic. The incidents are almost too numerous to count and stretch across all manner of targets. Most recently:
- Babuk cyber criminals leaked data from the Washington, D.C., police department that included the department’s chief’s reports, lists of arrests and lists of persons of interest.
- A cyber crew used Clop ransomware to steal students’ grades and Social Security numbers from the Universities of Colorado and Miami, demanding a ransom of $10 million.
- Ransomware attackers hit schools in the U.S. and the U.K. using the PYSA malware, which can exfiltrate data and encrypt files and data stored on users’ systems.
As for Congress, it’s not like the House has been twiddling its thumbs eschewing cybersecurity bills. The same can’t be said about the Senate, however, where in the last two years dozens of cybersecurity bills have gathered dust with no up or down vote. But it’s possible we may see more cybersecurity legislation successfully move through both chambers. A bipartisan group of Congressional members intends to reintroduce the State and Local Cybersecurity Improvement Act, a bill to establish a $500 million grant program to help lower-level government agencies erect digital barriers to cyber attacks. The legislation, which was passed by the House last year but failed to get consideration in the Senate, will have bipartisan sponsors, including House Homeland Security Committee Chairman Bennie Thompson (D-MS), ranking member John Katko (R-NY), cyber subcommittee ranking member Andrew Garbarino (R-NY) and Rep. Yvette Clarke (D-NY).
“It should come as a surprise to no one...that these ransomware attacks have devastating real-world consequences for Americans,” Garbarino said. “Every minute that a hospital goes down is a minute of missed critical care. The same goes for almost every industry. We must work to put a stop to this.”