Fighting ransomware assaults is now the Department of Homeland Security’s primary precedence, and a plan to be extra proactive is already in place.
In an RSA convention webcast Wednesday, Alejandro Mayorkas, the U.S. Secretary of Homeland Security, mentioned present cybersecurity challenges and outlined a technique meant to deal with the highest threats first, utilizing the federal government’s restricted sources. Mayorkas outlined 5 areas to enhance on: detection, data sharing, modernizing federal cybersecurity, federal procurement and federal incident response.
To fight what he known as a “monumental problem,” the federal government devised new initiatives akin to 60-day “cyber sprints” to deal with pressing priorities. The first dash will deal with ransomware.
“Let me be clear: Ransomware now poses a national security threat,” Mayorkas stated in the webcast.
Ransomware assaults have elevated lately as operators adopted new techniques like public leak websites the place they put up stolen knowledge if a ransom goes unpaid. Attacks spiked considerably in the course of the pandemic, impacting a number of the most susceptible sectors together with hospitals and schools. During the webcast, Mayorkas referred to the ransomware assaults towards these and different essential infrastructures as “horrendous acts” and stated these behind them needs to be held accountable.
“There are actors on the market who maliciously use ransomware throughout an unprecedented and ongoing international pandemic, disrupting hospitals as a whole lot of 1000’s die. This ought to shock everybody’s conscience,” he stated.
In response to the rise in malicious exercise, the federal government plans to step up its efforts to struggle ransomware, which is able to happen within the coming weeks. According to Mayorkas, that features motion to attenuate danger of turning into a sufferer within the first place, in addition to an consciousness marketing campaign to have interaction with companions like cyber insurance coverage corporations.
In addition, Mayorkas stated DHS will step up legislation enforcement motion towards cybercriminals and darkish internet markets that contribute to the threat. “With respect to responding to ransomware assaults, we’ll strengthen our capabilities to disrupt those that launch them and the marketplaces that allow them,” he stated.
Additionally, the webcast offered an replace to final 12 months’s huge provide chain assault on software program vendor SolarWinds, which impacted a variety of high-profile victims together with a number of federal companies. In response to the continuing threat, which initially exploited a malicious replace in SolarWinds’ Orion platform, Mayorkas acknowledged that the federal government was unaware it had been hacked for months till it was alerted by one other sufferer of the nation-state assault, cybersecurity vendor FireEye.
Mayorkas stated provide chain assaults pose further dangers, which can require a totally different strategy.
“Following final 12 months’s provide chain compromise concentrating on the federal authorities, we should construct again higher,” he stated. “It will take months or years to implement. Exploitation of SolarWinds highlighted that we have to consider provide chain dangers holistically. We want a risk-based strategy to evaluate all provide chain dangers.”
As a number of high-profile victims of the assault on SolarWinds had been being revealed, one other main hack hit the Microsoft Exchange Server. Like SolarWinds, it additionally impacted the federal authorities.
On March 2, Microsoft disclosed that Chinese nation-state actors exploited 4 vulnerabilities in its on-premises electronic mail server software program. Patches had been launched, and whereas assaults had been initially considered restricted, that proved to not be the case. An emergency directive was issued shortly after from the Cybersecurity and Infrastructure Security Agency (CISA), warning all authorities civilian departments and companies to replace instantly.
During Wednesday’s webcast, Mayorkas stated progress is being made in each assaults. “In the primary two months, the administration has made important strides in mitigating the SolarWinds and Microsoft Exchange incident.”
Mayorkas stated the assault on SolarWinds is only one of many incidents that underscores the necessity for the federal authorities to modernize cybersecurity.
“One laborious fact is that nobody is immune from cyber assaults, together with the federal government or our most superior expertise corporations. Ultimately, it isn’t a query of when you’ll be hacked, however reasonably when,” he stated.
To enhance the U.S.’ cyberdefense, Mayorkas stated there are “urgently wanted” rules that needs to be adopted. That contains daring and rapid improvements, widescale investments and elevating the bar of important cyber hygiene.
To that finish, the federal government is engaged on practically a dozen actions for an upcoming govt order, which Mayorkas stated will likely be launched quickly.