TV, Telco and Food Breaches, oh my!

The White House hosted that ransomware summit last week. The outcomes – an agreement on a shared response, pledging to make systems more resilient via policy measures, resources, clear governance structures, incident response procedures, investing in worker training, and private sector partnerships. There was a focus on tracking cryptocurrency too – finding ways to disrupt the business model and associated money laundering.

And out of the Treasury Department – ransomware payments this year could top the entire past decade. From January to June of this year, ransomware transactions totaled about 590 million dollars.

VICE spoke with someone in the Office of Management and Budget – for those not in the know, the White House budget office – who has insight into the push towards a zero trust architecture and the investment in phishing mitigations. Key here – an emphasis on Personal Identity Verification cards (PIVs) and WebAuthn. This would push agencies to enforce phishing-resistant multi-factor authentication at the application layer for staff, contractors, and partners.

Because the attacks are certainly getting bigger. Sinclair Broadcast Group had several television stations disrupted due to attacks – which included stations going off the air. That’s not their first breach either – they had another in July. Another group, linked to Chinese interests, has successfully compromised parts of the telecommunications network, per research released by CrowdStrike. This one allows access to subscriber information, call metadata, text messages, and other data. In Argentina, a hacker stole a government ID database for … the entire population. It’s now being sold online. BlackMatter is going after US critical infrastructure, including food and agriculture organizations, per a new alert from CISA, the FBI and NSA. This comes on the heels of a similar alert on water and wastewater facilities. This new alert highlights payouts between eighty thousand and 15 million dollars.

Why do we care?

This feels like just such a massive escalation. TV outages, whole countries of citizens' data being disclosed, attacking food and water. It also feels like a slow march.

Big picture. I’ve commented before about using stronger language to communicate on these threats. I’ve also commented about putting these threats into the competitive analysis framework for your customers. Combining them... everything I just described above is a briefing on the state of the competition. Criminal elements are targeting disruption of operation of businesses across multiple industries, including and not limited to extortion for both data and downtime.

On the positive side, it does appear there will be some changes to come in the way these issues are regulated.