Thursday, July 15, 2021

White House Announces Ransomware Task Force


The Biden Administration is unleashing a range of options to stem the growing Ransomware Threat, a senior Administration Official said, including offering Rewards as high as $10 Million for help identifying the Perpetrators.

Other options on the table include: launching Disruptive Cyberattacks on Hacker Gangs, and developing Partnerships with Businesses to speed up the Sharing of Information about Ransomware Infections.

The White House has formed, a previously unannounced, Cross-Government Task Force, to coordinate a series of Defensive and Offensive measures against Ransomware. The Actions follow a series of high-profile Hacks that have underscored how Cybersecurity Weaknesses can wreak havoc on American Society.

With the Task Force’s oversight, Federal Agencies are taking actions such as: promoting Digital Resilience among Critical Infrastructure Companies; working to Halt Ransom Payments made through Cryptocurrency Platforms; and Coordinating activities with U.S. Allies.

The Interagency Group is giving the White House frequent Updates on Agencies’ efforts, and the Body is Tracking, on a Weekly basis, efforts to Implement the National Counter Ransomware Campaign.

The Administration is also exploring the possibility of New Partnerships with Cyber-Insurance Providers and Critical Infrastructure Companies so that Businesses and the Government can Share Information about Ransomware Attacks more Quickly.

Anne Neuberger, the Deputy National Security Adviser for Cyber and Emerging Technology, also previewed the Administration’s Plan during a 35-minute Briefing for Senators on Wednesday afternoon.

The Announcement of the Task Force comes as Lawmakers and Experts are pressuring President Biden to respond more Forcefully to Russian President, Vladimir Putin’s Inaction, against Ransomware Operators, who in recent months have Paralyzed much of the East Coast's Gasoline Supply, Crippled a Major Meat Processing Company, and Breached the IT Software Vendor Kaseya, and Hundreds of Companies connected to it.

“We’ve got to send a very strong, even disproportionate, message to Russia that we’re not going to tolerate this,” House Homeland Security Ranking Member, John Katko (R-NY, 24th District) said last week.

But Biden faces few Good Options for altering Putin’s Calculus. Years of Sanctions have proven Ineffective, Cryptocurrency Regulations face daunting prospects, Allies in Europe are heavily Reliant on Russian Energy Supplies, and Retaliatory Cyberattacks could Backfire.

Congress is already pursuing its own Options. A Bipartisan Group of Senators is expected to introduce Legislation, this week or next, to Require a Wide-Range of Companies, including Critical Infrastructure Operators, to Report Hacks to the Government. The House Homeland Security Committee is crafting similar Legislation. Federal Officials say a Lack of Information about Private-Sector Breaches hampers their Ability to Protect the Country from Digital Threats.

During Wednesday’s Briefing for Lawmakers, Officials asked for New Authority to establish Mandatory Cyber Standards for Critical Infrastructure. Neuberger also told Senators that the White House will Announce Three other Steps in the coming days.

DHS’ Cybersecurity and Infrastructure Security Agency will launch an Interagency Website, to Collect Defensive Guidance from various Agencies. The Treasury Department’s Financial Crimes Enforcement Network, will convene a Virtual Conference on Ransomware in August. And the State Department will use its “Rewards for Justice” Program to offer Cash Payments for Tips leading to the Arrests of Ransomware Operators.

The Crusade against Ransomware materialized on Tuesday, when the REvil gang, which carried out the Kaseya Attack, abruptly went Dark. It is unclear if the U.S. or Russia disrupted REvil’s Infrastructure or if the Criminals Shut-Down their Servers themselves, as other Groups have done in the Past following Internal Squabbles or Increased Scrutiny.

As the Pace and Impact of Cyberattacks intensify, Biden is only now getting his Core Team, in place, to deal with them. On Monday, Chris Inglis was Sworn-In as the First National Cyber Director, Overseeing Defensive Efforts from the White House. On Tuesday, hours after the Senate confirmed her, Jen Easterly, started her job as Director of CISA, giving the Beleaguered Agency its First Permanent Chief since November 2020.

Neuberger, who joined the White House in January, as Biden’s First Senior Cyber Official, did almost All of the talking during the Senate Briefing. Joining her on the Call were Eric Goldstein, the Executive Assistant Director for Cybersecurity at CISA; Todd Conklin, a Counselor to Deputy Treasury Secretary, Wally Adeyemo; Richard Downing, a Deputy Assistant Attorney General in DOJ’s Criminal Division; and Herb Stapleton, a Deputy Assistant Director of the FBI’s Cyber Division.

Sen. Mike Rounds (R-SD), the Ranking Member on the Armed Services Panel’s Cyber Subcommittee, asked about Potential Military Cyber Operations to confront Ransomware Gangs. He was told that that Issue was better Addressed in a Classified setting.

Sen. Angus King (I-ME), the Co-Chair of the Congressionally Chartered Cyberspace Solarium Commission, welcomed the Administration’s New Initiatives but said they would probably do Little to Deter Putin. “They're necessary steps in order to deal with this issue,” he told Reporters, but “the deterrence starts with the president's interactions with Putin over the last month or so.” “Vladimir Putin understands power, and he understands risk,” King said, “and he has to understand that this kind of conduct by the Russian state is unacceptable and will entail costs.”










NYC Wins When Everyone Can Vote! Michael H. Drucker


No comments: