
If Government Leaders Aren’t Worried About Ransomware, They Should Be

To combat maturing cyberthreats, we need to deepen our bench.

In a survey of 450 cybersecurity leaders worldwide, 85% said they were most concerned about ransomware in comparison to other cyber threats. Their concerns are warranted. Researchers documented 188.9 million ransomware attacks in just the second quarter of 2021.

Both the White House and Congress have urged federal agencies and the private sector to take the recent explosion of ransomware seriously. The message is clear: Working with stakeholders across the public and private sectors to disrupt and defend against cybercrime, while a well-established element of cybersecurity, is a burgeoning national security priority. It takes teamwork and engagement by all to deal with this growing problem.

This alarming trend echoes findings in FortiGuard Labs’ latest Global Threat Report: Ransomware attacks increased more than tenfold over the last year, with telecom and government organizations as two of the most frequent targets. Attacks on operational technology—including industrial control systems—also increased, with incidents disrupting supply chains, critical infrastructure functionality and services we rely on every day. 

An Alarming Trend

The increase in attacks continues a trend that began in 2020, when ransomware across all industries rose sevenfold during the final six months of the year. Cyber adversaries exploited the off-site and increasingly hybrid nature of work and learning by targeting vulnerabilities in this expanded environment. 

The 2020 spike in attacks was one result of the amplified risk of transitioning to telework and remote access. Many organizations mandated use of multifactor authentication and VPN connections as workers pivoted to home offices often connected by poorly secured residential networks.

Having rolled out these basic security measures, many organizations were, from a security perspective, effectively treating their employees as if they were still logging on at the office. Yet the reality was that these users were connecting from home office environments into which employers had little or no visibility or control. This exposed organizations to additional risk in an operating environment that few users fully understood or could adequately protect.

During the first half of 2021, attacks escalated in sophistication, often leveraging multiple modes of infection and types of damage, such as ransomware that both encrypts the victim’s network and exfiltrates a copy of the data for sale or for additional leverage in extortion. The fallout increasingly affects operational technology, the technology controlling vital processes in industrial sectors like manufacturing, transportation and utilities. Some of these repercussions are deliberate; others may be collateral damage in attacks on corporate IT networks, as IT and operational technology become progressively intertwined.

To shore up defenses and build cyber resilience against threats to both IT and OT networks, we need a holistic approach that incorporates lessons learned and capitalizes on the increased sense of urgency.

Congress’s recent push on cybersecurity is an opportunity to build on progress, broaden coordination with the state and local levels, and tap into the skills and experiences of groups traditionally excluded from the cybersecurity workforce. To combat the growing threat, we need to work smarter as well as harder, bringing to bear the full capabilities of the private sector and federal expertise and resources.

Building on Momentum, Scaling Solutions

We have seen some success in the past year. Coordination across industry and government has resulted in key victories against malicious operations. Authorities successfully took down botnet infrastructures such as Emotet, one of the largest and most prolific malware operations in recent history, using a court order against the online hosting service used by the cybercriminals. Similar operations initiated by IT firms with broad visibility into the cybercriminal ecosystem disrupted malicious cyber activity in the first half of 2021. Such successes illustrate the value of public-private sector collaboration in blunting the impact of cybercrime.  

To help organizations protect themselves and the public from IT supply chain risks, the White House announced the National Institute of Standards and Technology will work with industry to develop a new framework that will serve as “a guideline to public and private entities on how to build secure technology and assess the security of technology, including open source software,” according to a fact sheet issued by the administration following last week’s meeting.

Progress will require a focus on improving the institutional agility needed for organizations and users to fully benefit from progress in security, IT and OT. Often, the local governments, small businesses and community banks that most affect our everyday lives are even more vulnerable to attacks than large organizations—yet these “lower-level” groups lack the talent and resources to institute meaningful change. Telling these key stakeholders to increase cybersecurity in the goods and services they use is more likely to succeed when it is coupled with guidance and mechanisms, such as links to clear security criteria mapping to NIST frameworks or exemplar cybersecurity language they could use in contracts to ensure they meet security standards and best practices. 

With the growing ubiquity of cloud-based services, weaving security into their adoption and use is equally critical. Recent efforts to standardize cloud security at the federal level provide a potential model for improving cloud security at the state and local levels, ensuring all stakeholders have timely access to the evolving benefits of cloud services and accompanying security optimized for government organizations and end users. StateRAMP, a nonprofit organization modeled after the Federal Risk and Authorization Management Program (FedRAMP), offers a clear, consistent process for state and local agencies and cloud service providers to expediently align their cloud security controls with recent progress in federal standards.

Companies and agencies must also work to bolster and diversify the cybersecurity workforce. As President Biden emphasized last week, “our skilled cybersecurity workforce is not growing fast enough to keep pace” with the increasing cyber threats. Solving this issue will require addressing the cybersecurity skills gap. Tapping into underrepresented groups (especially women, minorities and veterans), increasing access to training, and opening paths to certification should be at the core of more expansive recruitment efforts across society.

Cyberattacks are becoming more aggressive, more sophisticated, and more frequent. The trends analyzed in the Global Threat Report represent an alarming threat to U.S. national security and reflect our transition to a more networked and interconnected world of digital services. We must work together to meet this challenge under a coordinated and holistic approach to building the foundations we will need for success. 

Jim Richberg is the public sector field chief information security officer and vice president of information security at Fortinet. He formerly served in senior roles in the Office of the Director of National Intelligence.
