With the new National Cybersecurity Strategy out in the wild, I wanted to highlight some coverage in Axios focused on the declaration of ransomware as a national security threat. This opens up the avenues of more military involvement in the fight.
Quoting the piece:
Many of the military and intelligence community’s most powerful cyber tools have been reserved for operations involving state-backed hackers, like the Russian GRU or Chinese cyber spies. Now, that should change to also include ransomware gangs, experts told Axios. “They will use capabilities that have been previously reserved by law and by policy only to national security operations,” said Tom Bossert, president of Trinity Cyber and former U.S. homeland security adviser during the Trump administration. “They could now use our capabilities against a ransomware group in the same way they might use our capabilities against the Russian military.”
The other angle to this – listeners should be aware of Politico’s analysis of the incoming first-year class of representatives. There’s cyber expertise here. Examples include Representative Laurel Lee from Florida focused there as the Florida Secretary of State, and Representative Chris Deluzio, the former policy director at the University of Pittsburgh’s Pitt Cyber.
Why do we care?
One of the quips that are easily heard is that those in government don’t understand technology. While I won’t say we’re near enough, that’s increasingly untrue. Lawmakers serving on committees focused on areas of cyber are increasingly from that space with experience. With the threat of cyber being present long enough, it’s come up in their work prior.
And now the federal government has more tools to consider. I’m expecting to see less ransomware because of the focus and criminals’ desire to find other ways to achieve their revenue goals.

