White House Urged to Address Surge in Ransomware Attacks
White House Urged to Address Surge in Ransomware Attacks
By Kartikay Mehrotra
29 April 2021, 11:00 BST Updated on 29 April 2021, 20:40 BST
Pressure urged to discourage hacker ‘safe havens’ abroad
Tougher cryptocurrency oversight advocated to curb ransomware
In this article
MSFT
MICROSOFT CORP
252.51USD-2.05-0.81%
1316611D
CHAINALYSIS INC
Private Company
PANW
PALO ALTO NETWOR
355.15USD-5.01-1.39%
Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the hopes of controlling a growing wave of attacks.
These are two of 48 recommendations made by a task force in a report Thursday to the Biden administration aimed at fighting the continuing ransomware episodes that plague major corporations, local governments and health-care providers across the world. The task force, organized by the Institute for Security and Technology, said the cyber-attacks have become a $350 million criminal industry -- a four-fold increase from the previous year. Last week, the U.S. Justice Department created its own, independent ransomware task force, signaling growing awareness inside the U.S. government of the now decade-old threat.
ADVERTISING
Ransomware is a type of malicious code that typically encrypts a victim’s data or network of computers. The hackers then demand a ransom to decrypt the information. More recently, ransomware gangs have also stolen data and threatened to make it public unless the victim pays a fee.
The FBI encourages organizations to refuse to pay hackers, but many victims end up doing so because the costs of the attacks can outweigh the ransom demand. Ransomware attacks have forced hospitals to postpone critical treatment, energy providers to cut off power supplies and schools to stop teaching. In some instances, lives are at stake, said Kemba Walden, an attorney in the Digital Security Unit at Microsoft Corp.
The report was born from months of consultations among cybersecurity experts at Palo Alto Networks Inc., researchers at Chainalysis Inc. and law enforcement agencies in the U.S., U.K. and Canada, among others. The recommendations include five priorities deemed to be ‘’foundational and urgent,” including a push to use diplomatic channels and law enforcement across the world to dissuade countries from becoming “safe havens to ransomware criminals.”
“Most ransomware criminals are based in nation-states that are unwilling or unable to prosecute this cyber crime, and because ransoms are paid through cryptocurrency, they are difficult to trace,” according to the report. “This global challenge demands an ‘all hands on deck’ approach, with support form the highest levels of government.”
Department of Homeland Security Secretary Alejandro Mayorkas on Thursday described ransomware as a national security threat and pledged to make it a priority for the Biden administration.
Paid Post
Europe’s Unstoppable Transition to Sustainable Investing Is In Progress
Bloomberg
“The White House is developing a plan dedicated to tackling this problem,” he said.
Department Of Justice Holds News Conference On Chinese National Security
John DemersPhotographer: Sarah Silbiger/Getty Images/Bloomberg
John Demers, U.S. assistant attorney general for national security, told reporters this week that ransomware as a cybercrime is no longer limited to independent cartels seeking to hold victims hostage for profit. Instead, nation-states may be using the attacks as a tool to disrupt government or private operations.
Earlier this month, for instance, the U.S. Treasury Department sanctioned Russian entities for helping to facilitate cyber-attacks and tied a Russian intelligence agency to a notorious ransomware group known as Evil Corp.
What to know in tech
Get insights from reporters around the world in the Fully Charged newsletter.
Email
Enter your email
Sign Up
Bloomberg may send me offers and promotions.
By submitting my information, I agree to the Privacy Policy and Terms of Service.
The report also outlines methods to regulate and control the economic backbone of the ransomware business: cryptocurrencies. Such payments between hackers and their victims occur in the largely unregulated realm of digital currency, which is harder for experts to track in hopes of identifying the criminals. The task force calls for governments to require cryptocurrency exchanges and trading desks to enforce basic “know your customer,” anti-money laundering and financial terrorism laws.
These rules could help law enforcement identify the nexus of ransomware cartels and the individuals getting rich from ransom payments, said Don Spies, director of market development for Chainalysis.
“I firmly believe cryptocurrencies are a new asset class. They’re now part of the overall financial system,” Spies said. “So, too, is ransomware, and it’s not going away. But I believe these recommendations can go a long way to combating a problem that’s out of control.”
By Kartikay Mehrotra
29 April 2021, 11:00 BST Updated on 29 April 2021, 20:40 BST
Pressure urged to discourage hacker ‘safe havens’ abroad
Tougher cryptocurrency oversight advocated to curb ransomware
In this article
MSFT
MICROSOFT CORP
252.51USD-2.05-0.81%
1316611D
CHAINALYSIS INC
Private Company
PANW
PALO ALTO NETWOR
355.15USD-5.01-1.39%
Cybersecurity experts, law enforcement agencies and governments urged the White House to root out safe havens for criminals engaging in ransomware and step up regulation of cryptocurrencies, the lifeblood of hackers, in the hopes of controlling a growing wave of attacks.
These are two of 48 recommendations made by a task force in a report Thursday to the Biden administration aimed at fighting the continuing ransomware episodes that plague major corporations, local governments and health-care providers across the world. The task force, organized by the Institute for Security and Technology, said the cyber-attacks have become a $350 million criminal industry -- a four-fold increase from the previous year. Last week, the U.S. Justice Department created its own, independent ransomware task force, signaling growing awareness inside the U.S. government of the now decade-old threat.
ADVERTISING
Ransomware is a type of malicious code that typically encrypts a victim’s data or network of computers. The hackers then demand a ransom to decrypt the information. More recently, ransomware gangs have also stolen data and threatened to make it public unless the victim pays a fee.
The FBI encourages organizations to refuse to pay hackers, but many victims end up doing so because the costs of the attacks can outweigh the ransom demand. Ransomware attacks have forced hospitals to postpone critical treatment, energy providers to cut off power supplies and schools to stop teaching. In some instances, lives are at stake, said Kemba Walden, an attorney in the Digital Security Unit at Microsoft Corp.
The report was born from months of consultations among cybersecurity experts at Palo Alto Networks Inc., researchers at Chainalysis Inc. and law enforcement agencies in the U.S., U.K. and Canada, among others. The recommendations include five priorities deemed to be ‘’foundational and urgent,” including a push to use diplomatic channels and law enforcement across the world to dissuade countries from becoming “safe havens to ransomware criminals.”
“Most ransomware criminals are based in nation-states that are unwilling or unable to prosecute this cyber crime, and because ransoms are paid through cryptocurrency, they are difficult to trace,” according to the report. “This global challenge demands an ‘all hands on deck’ approach, with support form the highest levels of government.”
Department of Homeland Security Secretary Alejandro Mayorkas on Thursday described ransomware as a national security threat and pledged to make it a priority for the Biden administration.
Paid Post
Europe’s Unstoppable Transition to Sustainable Investing Is In Progress
Bloomberg
“The White House is developing a plan dedicated to tackling this problem,” he said.
Department Of Justice Holds News Conference On Chinese National Security
John DemersPhotographer: Sarah Silbiger/Getty Images/Bloomberg
John Demers, U.S. assistant attorney general for national security, told reporters this week that ransomware as a cybercrime is no longer limited to independent cartels seeking to hold victims hostage for profit. Instead, nation-states may be using the attacks as a tool to disrupt government or private operations.
Earlier this month, for instance, the U.S. Treasury Department sanctioned Russian entities for helping to facilitate cyber-attacks and tied a Russian intelligence agency to a notorious ransomware group known as Evil Corp.
What to know in tech
Get insights from reporters around the world in the Fully Charged newsletter.
Enter your email
Sign Up
Bloomberg may send me offers and promotions.
By submitting my information, I agree to the Privacy Policy and Terms of Service.
The report also outlines methods to regulate and control the economic backbone of the ransomware business: cryptocurrencies. Such payments between hackers and their victims occur in the largely unregulated realm of digital currency, which is harder for experts to track in hopes of identifying the criminals. The task force calls for governments to require cryptocurrency exchanges and trading desks to enforce basic “know your customer,” anti-money laundering and financial terrorism laws.
These rules could help law enforcement identify the nexus of ransomware cartels and the individuals getting rich from ransom payments, said Don Spies, director of market development for Chainalysis.
“I firmly believe cryptocurrencies are a new asset class. They’re now part of the overall financial system,” Spies said. “So, too, is ransomware, and it’s not going away. But I believe these recommendations can go a long way to combating a problem that’s out of control.”
