A new coalition of cybersecurity and tech groups is looking to create a roadmap for countering the surge of ransomware attacks that plagued city governments, schools and hospitals in 2020.
“You see ransomware as not just an increasing security threat, it is to the level of now where it’s putting hospitals, children, the elderly, financial institutions, everyone at risk,” Philip Reiner, executive chairman of the Institute for Security and Technology’s Ransomware Task Force, told The Hill.
“As a result, we were seized with the idea that creating a collaborative cross-sectoral grouping that is looking at it from a comprehensive, top-down policy approach could potentially have more effect,” Reiner added.
The California-based nonprofit aims to produce recommendations that will help governments and the private sector tackle the scourge of ransomware attacks.
Hackers have increasingly used these types of attacks — which involve accessing and encrypting the victim’s network and demanding payment to allow access again — to hit major targets, with city governments in Atlanta, Baltimore and New Orleans severely impaired by ransomware attacks over the past two years.
More recently, hospitals have become a target during the COVID-19 pandemic, with cyber criminals seeing vulnerable hospitals as easy targets more likely to pay a quick ransom as health care systems struggle to keep up with coronavirus cases. In some instances, the cyberattacks have been blamed for deaths due to delayed care.
“Ransomware has evolved from an economic annoyance to a national security and public health and safety threat,” said Michael Daniel, who served as special assistant to former President Obama and cybersecurity coordinator on the National Security Council. “It is affecting almost every sector of the economy and every size of organization, both public and private.”
Daniel now serves as president and CEO of the Cyber Threat Alliance, one of the groups that has signed on as a member of the newly formed coalition.
The coalition’s task force is made up of heavy hitters in the cybersecurity and tech sector, including Microsoft, FireEye and McAfee, along with cyber-focused groups like the CyberPeace Institute and the Global Cyber Alliance.
Daniel stressed the importance of creating a strategy to address ransomware threats that “have grown too large.”
“We need a more comprehensive strategy for dealing with the ransomware threat,” Daniel said. “That strategy should involve both better defense and more aggressive disruption.”
The task force is beginning its work as both a new Congress and a new administration take the reins of power in Washington. Leaders in both branches of government have raised strong concerns about U.S. cybersecurity, particularly in the wake of a devastating cyberattack on IT group SolarWinds that compromised much of the federal government.
President-elect Joe Biden included over $10 billion in cybersecurity and IT funds for the federal government in the $1.9 trillion COVID-19 relief proposal he unveiled on Thursday, calling it “an urgent national security issue that cannot wait.”
Biden also created a new cyber-focused role on the National Security Council, announcing last week that he had appointed Anne Neuberger, director of cybersecurity at the National Security Agency, as deputy national security adviser for cyber and emerging technology.
On Capitol Hill…
Schrems II Judgment Day
The Court of Justice of the European Union (“CJEU“) issued its judgment today in …
