CISA Talks Collaborative Approach on Ransomware

CISA Talks Collaborative Approach on Ransomware

The agency is emphasizing its role to provide tools and capabilities to federal government for countering threats.

A baby’s death, the disruption of a large meat plant operation and the shutdown of a major oil pipeline system are all being linked to recent ransomware attacks in the U.S.

According to federal security experts, cybercrimes are on the rise and becoming a significant challenge for the country, but there are things that the government, commercial companies and individuals can do together to protect their networks.

Cybersecurity and Infrastructure Security Agency (CISA) Executive Director Brandon Wales said everyone needs to understand that the time to deal with ransomware is not after you’ve been hit. 

“The actual time to address the ransomware challenges that you may face is well ahead of time,” said Wales at an Axios virtual event last week. “What can I do to make my network more secure, and what can I do to make sure my network is more resilient so that if I do face an attack or disruption I can get back up and running more quickly?”

The federal government’s role to stop ransomware attacks involves tracking criminals, Wales said, and the private sector also plays a big role in that. 

“A lot of it starts right there at the beginning with, does the private sector come to the government early on with what’s happening, are they going to pay a ransom where are they sending it to, so that the government can begin the process of tracing the funds with the potential, of maybe getting them back,” said Wales.

In August, CISA launched the Joint Cyber Defense Collaborative, a new initiative that is feeding more information into communities, businesses and government agencies that better prepares them for cyber attacks.  

This collaborative includes multiple cloud and internet providers, as well as cybersecurity vendors that have a massive view of the cyberspace around this country and the world.

“These are the companies that have ability to see what’s happening across the board, government and private sector together both in the United States and a lot of times overseas, they have the ability to understand what’s happening and take action at a scale that no company can do individually,” Wales said.

Some technology companies like Google have spent months reshaping their security techniques to protect against threats and stay ahead of the attackers.
   
“We adopted a defense-in-depth approach to security,” said Google SVP for Global Affairs Kent Walker at the event. “One example is we take a zero-trust approach. We verify anyone accessing our systems, and we use techniques like multi-factor authentication.”

Every day Google is blocking more than 100 million phishing attacks. The company believes people should not have to worry about whether they have the latest security and should have products with security built in.

“If we do it right, we can make it easier for users, if we can build things by default at scale and improve our infrastructure that reduces the effort that everyday people have to make to keep themselves safe,” Walker said.

Google is also investing more than $10 billion over the next five years to help the government strengthen cybersecurity.

The Biden Administration has also announced a 30-country summit to tackle the ransomware problem.

Technology experts say engaging with our allies is key to preventing cyberattacks. 

Silverado Policy Accelerator Co-Founder & Chairman Dmitri Alperovitch believes the government should regulate cryptocurrency transactions by implementing “know your customer” standards and focus on “anti-money laundering” schemes to make huge impact on cybercrimes.

“What these 30 countries can do is make sure that that, one, the cryptocurrency exchanges that operate within their borders are doing that,” said Alperovitch. “But also make sure that any cryptocurrency exchange globally that is not abiding by the [know-your-customer] and [anti-money-laundering] standards is going to be blocked from the global financial system.” 

Alperovitch said it’s important that company CEOs know that it will take more than just money to establish a great cybersecurity program.

“Empower your security teams to be at the table when decisions are made about the business, about the types of technology choices you’re going to make and types of risks you’re going to take on as a business and making sure their views are accounted for,” said Alperovitch.

 
Standard