4 actions that can protect critical infrastructure against ransomware
In the past five months, cyber attacks have reached an inflection point as daring and opportunistic hackers successfully compromised America’s most critical infrastructure – water supply (Oldsmar, FL), food (JBS) and fuel (Colonial Pipeline). Profit is a key motivator: Reports reveal that victims paid hackers more than $406 million in cryptocurrency ransoms last year. Yet the financial motivation for the crimes belies their potentially catastrophic consequences.
The barrage of cyber attacks has revealed the need to reimagine what the nation is protecting and how it is modernizing to protect critical infrastructure, which includes defining what that means today. We have realized, especially after a year and a half, that it is not just the legacy infrastructure that has been in place since World War II that is vulnerable. It was Zoom, Amazon, and other tech that kept the country afloat and sane while battling the vicious virus.
The United States has always been adept at pivoting in the face of hardship and vulnerability. Below are four steps the federal government can take to combat these attacks, especially now that hackers in the most remote parts of the world can lock down businesses and industries with the push of a button.
1. Attacks on critical infrastructure should be understood as digital terrorism
So far, foreign hackers who have launched ransomware attacks have faced only modest repercussions. The US authorities managed to recover $2.3 million from the Colonial Pipeline ransom. While this was a successful counterattack, it still left Moscow-based ransomware group DarkSide with $2.1 million – money that in Russia can go a long way toward sports cars and mansions, and even fund a team of 150 foreign hackers for a year.
The United States must change the economics of ransomware attacks. Businesses should not be able to pay or suffer ransoms, and officials should no longer view hacks as mere financial crimes. Given the economic impact and damage, ransomware attacks against critical infrastructure should be considered “digital terrorism” and those responsible should be labeled “digital terrorists”. Pursuing and disrupting the needs of hackers is crucial to eliciting a response not only from law enforcement, but from the entire US government.
2. The United States must reconsider the definition of “critical infrastructure” for the modern age and make digital security a priority
At this point, the federal government needs to broaden the definition of critical infrastructure beyond bridges, dams, highways, pipelines and transit systems. The digital connective fabric of society includes both the Internet and the services it provides. It has become clear that Americans cannot work and live without digital service providers like Amazon, Microsoft, and Zoom. These assets must be viewed as critical infrastructures and made resilient against cyber attacks, beyond the physical security of their data centers and corporate headquarters.
The Biden administration’s U.S. Jobs Plan is on track to improve America’s obsolete data highways: President Joe Biden has earmarked $100 billion for affordable broadband infrastructure that could bridge the digital divide. This is a good start because it recognizes that part of what is obsolete is not just concrete and rebar, but the country’s IT infrastructure as well.
Additionally, cybersecurity experts are keenly aware that existing utilities, services, and transportation facilities may have reasonable physical security, but remain insufficiently protected against digital threats. The recent attacks have made it clear that the weakness must be corrected now using modern hardware, software and computer protocols developed by US companies. To the extent that critical infrastructure providers are under-equipped to make the necessary investments in modern cybersecurity technologies, government incentives will accelerate deployment.
3. Ransomware payments should be prohibited by law
Paying a ransom is dangerous. Every payment encourages future ransomware attacks, and even worse, the victim has no guarantee that the hackers won’t come back for another payday. For public policy reasons, the US government must ban ransom payments because they turn petty crooks into high-profile threats: A company’s surrender poses a threat to society.
Traditional risk management through insurance is not the solution; it only encourages ransomware attacks and broadens their impact. Colonial Pipeline had at least $15 million in cyber insurance, but as ransomware attacks continue, the growing burden of multi-million dollar payments will force insurers to increase premiums and exclusions, or to abandon companies that file attack claims. It is already happening: AXA says it will no longer reimburse ransom payments for French ransomware victims, and if that wasn’t enough, banks have started raising interest rates and demanding more collateral from businesses that have experienced customer data breaches. Of course, banks themselves have long been the target of cybercriminals, and insurance companies are now under threat as well.
4. Seize the opportunity for public/private collaboration
Given its financial resources, one might assume that the United States has critical infrastructure so sophisticated that it is virtually impervious to danger. However, the combination of the country’s wealth and aging infrastructure – not just pipelines and water, but power grids and mass transit systems – makes the country a primary target for increasingly sophisticated threats spanning the public and private sectors. Despite its strengths, the United States ranks 13th overall in the quality of critical infrastructure.
It’s time for the government to pull the concepts of security out of the industrial age and start protecting both citizens and businesses from growing digital threats. Collaboration with private sector experts will help the public sector anticipate likely threats, enabling smarter and faster adaptations as the security landscape evolves. As hackers increase their resources and deploy sophisticated ransomware attacks, the nation will need every possible advantage to defend itself against them. With the collaboration of the public and private sectors, we will win.
Caleb Barlow is CEO and President of CynergisTek.