America To Give Ransomware Attacks Similar Priority As Terrorism

The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters:

Internal guidance sent on Thursday to U.S. attorney’s offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington. “It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, acting deputy attorney general at the Justice Department.

Last month, a cyber criminal group that the U.S. authorities said operates from Russia, penetrated a pipeline operator on the U.S. East Coast, locking its systems and demanding a ransom. The hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localized fuel shortages in the southeast. Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million to regain access, the company said.

The problem is that this won’t help as a lot of these threat actors are based in countries where the US can’t get them and toss them into jail. Here’s what will actually help:

  1. Business systems should be running ONLY applications needed to do the job, and no others.
  2. Business systems networks should be isolated from operations networks. Air Gapped as needed.
  3. Systems that need access in or out should be properly firewalled, including blocking entire countries or regions as needed.

The fact is that good IT is expensive. Bad IT is costly. We are in a place where bad IT is the norm. On top of that, it is perceived that it is much easier to have bad IT and pay the BITCOIN when they get pwned. But it isn’t cheaper. And that needs to change. When it does, this problem will get mitigated.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: