The Ransomware Threat
RunSafe Security founder and CEO Joe Saunders recently sat down with an expert panel for the Billington Cybersecurity Summit. The event featured three days of high-level networking and knowledge-sharing to advocate the cyber mission in the U.S. government and among allied countries.
The panelists included the following government and private sector leaders:
- Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA, DHS
- Bryan Vorndran, Assistant Director, Cyber Division, FBI
- Adam Hickey, Deputy Assistant Attorney General for the National Security Division, U.S. Department of Justice
- Christopher Day, Vice President of Cognitive Cyber, ManTech
During the discussion, the panel explored the current cybersecurity landscape and the influx of ransomware threats in recent years. In case you missed it, we’ve got you covered with this blog post. Here, we’ll reflect and dive into the topics they discussed during the event, starting with national security.
National Security is Changing
How you approach cybersecurity threats requires more collaboration than ever before. The panel shared that the U.S. government’s strategy to emerging ransomware attacks is what one would call a “whole government approach”. Only by working together with every government sector and with other allies across the globe can we impose the toughest consequences against our cyber enemies.
To reach our greatest potential, we need to optimize the capabilities of the following organizations:
- Federal Bureau of Investigation
- Department of Justice
- Department of Defense
- Department of Homeland Security
- National Security Agency
- Cybersecurity and Infrastructure Security Agency
- Department of State
- Cyber Command
- Department of Treasury
- Private sector
- Intelligence community
We’re currently dealing with the second generation of cybercriminals. The panelists shared that stopping the damage inflicted by these intrusions, as a collective effort of all agencies listed above, is the first priority of mitigation efforts—while holding attackers accountable is second.
From a national security standpoint, Deputy Assistant Attorney General Adam Hickey shared that the primary objectives when approaching a ransomware threat are to prevent, disrupt, and mitigate the intrusion. Beyond responding to attacks, ManTech founder Christopher Day noted the need for cognitive cyber in addressing security threats. Using machine learning and automation, we can get ahead of threats and detect them as they occur. The earlier an attack is detected, the higher the probability of successfully dealing with the intrusion and reducing the stakes.
Federal Responsibility
The rise in ransomware attacks has put pressure on the federal government to do the following:
- Collect as much information about these attacks as possible.
- Use knowledge from previous attacks in mitigating new intrusions.
- Hold cyber adversaries accountable for their actions.
When a ransomware attack occurs, an organization’s chances of productively dealing with the ransom payment increase significantly if government agencies become involved in negotiations.
FBI Assistant Director Bryan Vorndran added that it is up to the U.S. government to seize every opportunity to close the window on cybercriminals as much as possible, making it harder for bad actors to benefit or gain from engaging in this kind of activity.
Advanced cognitive cyber efforts will help organizations rapidly detect threats, a critical component in the success of mitigation efforts. Early recognition will help reduce compromised infrastructure.
Addressing the Rise of Cybercrime
Bad actors are ramping up their efforts to access sensitive data with no sign of slowing down. Because these attacks have become inevitable, organizations need to understand the necessary cybersecurity measures to take and what to do in the presence of threats.
CISA’s Executive Assistant Director for Cybersecurity, Eric Goldstein, shared the value of diminishing the impacts of intrusions while simultaneously working to diminish their prevalence. He added that organizations across the U.S. must be familiarized with basic cybersecurity measures to reduce the likelihood of intrusions and reduce the functional impact when intrusions occur. To protect critical infrastructure, organizations should incorporate multi-factor authentication and segmented encrypted backups at the very least.
To help further cybersecurity knowledge, CISA published Stop Ransomware, a web page for organizations to access important information regarding the following:
- How to prevent ransomware intrusions
- What to do when an intrusion happens
- How to report an intrusion
If more organizations understand how to report the onset of a ransomware attack, this will help close reporting gaps that make it difficult to disrupt and collect data. Thousands of intrusions go under the radar because organizations do not know how to report attacks properly. These oversights are missed opportunities to gather crucial information about intrusions to fuel mitigation efforts later.
Stand Up to Ransomware Threats with RunSafe Security
From enterprises to military systems, defending against ransomware threats requires the latest technology and cybersecurity practices. RunSafe Security is changing the economics of security to empower critical infrastructure and enterprise IT systems in the fight against cyber attacks. Our portfolio of solutions is designed to immunize your software without slowing down your developers.
Our three-way approach to security monitoring and protection requires no change to development workflows and no additional testing. The following are RunSafe Security’s protections:
- Alkemist:Code: Adds runtime protections at build time
- Alkemist:Repo: Protects open source code in your lineup
- Alkemist:Flare: Alerts you to unknown problems
With RunSafe Security, your attack surface is dramatically reduced and applications are seamlessly integrated into your software development process.
Start your free trial today, enjoy the benefits of immunized software, and stand up to the growing ransomware threat.
FAQ:
Who is involved in the U.S. government’s “whole government approach”?
- Federal Bureau of Investigation
- Department of Justice
- Department of Defense
- Department of Homeland Security
- National Security Agency
- Cybersecurity and Infrastructure Security Agency
- Department of State
- Cyber Command
- Department of Treasury
- Private sector
- Intelligence community
What is the federal government doing about ransomware?
- Collect as much information about these attacks as possible.
- Use knowledge from previous attacks in mitigating new intrusions.
- Hold cyber adversaries accountable for their actions.