While I’m sure I will do more security tomorrow, I want to highlight one story that hit this weekend.
The head of US Cyber Command has confirmed that the US military has taken offensive action to disrupt cybercriminal groups. Nine months ago, the government viewed ransomware attacks as the responsibility of law enforcement. That has changed, and a stated goal is now to “impose costs”. General Paul Nakasone would not detail operations, actions, nor targeted groups, but indicated that the country was “on an upward trajectory.”
Why do we care?
The US government is starting to be more forward with its actions. It’s one thing to suspect the attacks, and something entirely different to be open about what is warfare.
The shift in approach is key. No longer is ransomware simply a matter of law enforcement. It’s viewed now as an attack on the homeland, and the US military is now openly acknowledging they are fighting back. Change happens slowly and in incremental steps, and here’s a step in what feels like the right direction. Of course, change is rarely linear.