Press "Enter" to skip to content

Reporting ransomware highlighted by the US government

Before the long holiday weekend, the Senate Homeland Security and Governmental Affairs Committee urged the Cybersecurity and Infrastructure Security Agency (CISA) to implement new ransomware reporting rules as quickly as possible.  In a 51-page report, an increase in the number of attacks on US Schools, local governments, and healthcare facilities took center stage.

Also of note – explicating calling out the number being underreported.   “Both federal agencies and private companies raised concerns regarding the lack of visibility into the full scope of ransomware threats and cryptocurrency ransom payments,” the report explained.  

The report noted that both the FBI and CISA both claim to have the “one-stop” website for reporting attacks – IC3.gov and stopransomware.gov.

Speaking of the FBI, they warned in a new alert that Russian cybercrime is leveraging network credentials and VPN access of employees from US Colleges and Universities.    Most come from spear phishing.  

And speaking of underreporting, it’s not just a US problem – Royal Holloway in the UK also released a report focused on this gap.  

Finally, as an update to a story we’ve been tracking, Costa Rica took another blow on the ransomware front as the Hive operation hit the public health service.    Their computer systems were taken entirely offline.       In an IT services twist, it seems Conti, who is responsible for the attacks that resulted in the national emergency and statements of war I’ve previously covered, has actually partnered with several other organizations, including Hive, as Conti itself is slowly shutting down.   

Why do we care?

This should be a notable point for those who cover partnerships and the channel.  The ransomware operators partner too.      How about that?    A morbid validation of the partnership model for sure. 

So, is it the FBI or CISA that leads?   That debate will need to be shaken out and worth watching over time.    I’d offer for technology companies that either seems like a perfectly reasonable starting point and note that the real value is in the reporting.    Be prepared to report – it’s going to be critically important ongoing.    And the way to get prepared is before you need to do it.