White House urged to address surge in ransomware attacks


Ransomware attacks have forced hospitals to postpone critical treatment, energy providers to cut off power supplies and schools to stop teaching. In some instances, lives are at stake, said Walden. — Bloomberg

Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the hopes of controlling a growing wave of attacks.

These are two of 48 recommendations made by a task force in a report Thursday to the Biden administration aimed at fighting the continuing ransomware episodes that plague major corporations, local governments and health-care providers across the world. The task force, organised by the Institute for Security and Technology, said the cyberattacks have become a US$350mil (RM1.43bil) criminal industry – a four-fold increase from the previous year.

Last week, the US Justice Department created its own, independent ransomware task force, signaling growing awareness inside the US government of the now decade-old threat.

Ransomware is a type of malicious code that typically encrypts a victim’s data or network of computers. The hackers then demand a ransom to decrypt the information. More recently, ransomware gangs have also stolen data and threatened to make it public unless the victim pays a fee.

The FBI encourages organisations to refuse to pay hackers, but many victims end up doing so because the costs of the attacks can outweigh the ransom demand. Ransomware attacks have forced hospitals to postpone critical treatment, energy providers to cut off power supplies and schools to stop teaching. In some instances, lives are at stake, said Kemba Walden, an attorney in the Digital Security Unit at Microsoft Corp.

The report was born from months of consultations among cybersecurity experts at Palo Alto Networks Inc, researchers at Chainalysis Inc and law enforcement agencies in the US, UK and Canada, among others. The recommendations include five priorities deemed to be “foundational and urgent”, including a push to use diplomatic channels and law enforcement across the world to dissuade countries from becoming “safe havens to ransomware criminals”.

“Most ransomware criminals are based in nation-states that are unwilling or unable to prosecute this cyber crime, and because ransoms are paid through cryptocurrency, they are difficult to trace,” according to the report. “This global challenge demands an ‘all hands on deck’ approach, with support form the highest levels of government.”

US Department of Homeland Security Secretary Alejandro Mayorkas on Thursday described ransomware as a national security threat and pledged to make it a priority for the Biden administration.

“The White House is developing a plan dedicated to tackling this problem,” he said.

John Demers, US assistant attorney general for national security, told reporters this week that ransomware as a cybercrime is no longer limited to independent cartels seeking to hold victims hostage for profit. Instead, nation-states may be using the attacks as a tool to disrupt government or private operations.

Earlier this month, for instance, the US Treasury Department sanctioned Russian entities for helping to facilitate cyberattacks and tied a Russian intelligence agency to a notorious ransomware group known as Evil Corp.

The report also outlines methods to regulate and control the economic backbone of the ransomware business: cryptocurrencies. Such payments between hackers and their victims occur in the largely unregulated realm of digital currency, which is harder for experts to track in hopes of identifying the criminals. The task force calls for governments to require cryptocurrency exchanges and trading desks to enforce basic “know your customer”, anti-money laundering and financial terrorism laws.

These rules could help law enforcement identify the nexus of ransomware cartels and the individuals getting rich from ransom payments, said Don Spies, director of market development for Chainalysis.

“I firmly believe cryptocurrencies are a new asset class. They’re now part of the overall financial system,” Spies said. “So, too, is ransomware, and it’s not going away. But I believe these recommendations can go a long way to combating a problem that’s out of control.” – Bloomberg

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights
   

Next In Tech News

Instagram tests letting users post to feeds from desktop
Two Malaysian eSports teams in ‘Wild Rift’ competition with a RM620,850 prize pool
Helsinki is using sensors to monitor and analyse crowd movements in real time
Britain begins formal Amazon, Google fake review inquiry
Exclusive: Facebook rejects talks with Australia publisher, testing world's toughest online law
Japan's Rakuten to use Cisco routing tech for 5G, IoT services
Microsoft opens Windows, but reverts to old competitive playbook
Tesla sued over fees at supercharger stations
Shareholders oust Toshiba board chairman in big win for Japan governance
Deliveroo riders lose UK appeal to join union

Stories You'll Enjoy


Vouchers