US Sets Up Multi-Agency Anti-Ransomware Task Force

May 24, 2022 CyberCecurity Leave a comment

As part of CIRCIA (Cyber Incident Reporting for Critical Infrastructure Act) in the just passed omnibus spending bill, CISA is required to stand up a Ransomware Task Force. Jen Easterly, head of CISA, having just won the battle that requires companies to report breaches and ransomware payments to her rather than the FBI (which pissed off the FBI enough that they publicly suggested that Congress not pass the Act), offered an olive branch and made the FBI co-chair of the task force.

The idea is to coordinate government wide efforts to curb ransomware. In this case, it does not mean more prosecution, although that is certainly something that Lisa Monaco would love to do.

No, what I think would be the smartest thing and, I think, what Jen Easterly understands, is that the government already has an amazing amount of information and resources.

It also has an amazing number of silos due to power-turf wars. Every agency’s report card gets an “F” under plays well with others.

If she can figure out a way to cut through some of the turf (everything in Washington is about power and the appearance of power), then maybe we won’t have another 9-11 where one agency knew about the attackers but did not share with others, according to the 9-11 commission.

If they are successful at distributing all of the information that they already have and can actually get people to act, we can significantly cut down the attack surface.

How do hackers work? They look at the patches that vendors release and know that businesses (and even worse, government agencies at the local and state level) won’t patch for weeks or months and figure out how to weaponize them. That only takes a few days. They likely have weeks to months to use those weapons before the “locks on the doors” get changed. Combine that with social engineering and you have a powerful weapon and weapon delivery system.

And in fairness, if we can get the LEOs (the FBI, state and local law enforcement) to work together, there are a lot of hackers in the United States. Those are all within the reach of the cops – if they only know who to look for.

But there are some things in government that don’t change. Jen said the group will hold its first official meeting in the next few months.

Pardon me, you can’t find an hour to meet next week or the week after?

I guess it is just not that much of a priority.

Credit: Data Breach Today