U.S. crime-fighting agencies testified in front of Congress this week, and the hearing had a chilling title:
"America Under Cyber Siege: Preventing and Responding to Ransomware Attacks"
This year alone, ransomware attacks have disrupted critical infrastructure, the food supply, IT management, healthcare, education, transportation, and many other sectors of the economy.
For the most part, criminal and nation-state actors continue to launch attacks with little fear of facing consequences.
So, how did we get here and what can the United States and private organizations do about these cyberattacks?
Jeremy Sheridan, Assistant Director of the Office of Investigations at the United States Secret Service, offered some answers in his testimony. And he emphasized one thing the headlines already tell us:
"Year-over-year, the U.S. Secret Service has observed a marked uptick in the frequency, sophistication, and destructiveness of ransomware attacks against the American people."
3 reasons America is targeted with ransomware
Sheridan spoke to the U.S. Senate Judiciary Committee, and he explained what he views as the top three reasons America is under cyber siege through ransomware attacks:
- "The swelling profitability of these attacks, in part as a result of the growth of cryptocurrencies as a form of extortion payment"
- "The lack of adequate defenses on the part of many U.S.-based organizations"
- "The maturation of a cybercriminal ecosystem that has grown more sophisticated and destructive over the decades, perpetrating increasingly brazen attacks"
What does this maturing cybercriminal ecosystem look like? Sheridan explains:
"As the marketplace matured, criminals began sharing best practices for hacking, laundering illicit proceeds, and avoiding detection by law enforcement.
Cybercriminals who specialized in one particular area of cybercrime—such as network intrusion, malware development, or money laundering—began offering their products and services to others in exchange for a fee, or a percentage of the illicit proceeds of the scheme in which those products or services were to be used. Thus, the 'crime-as-a-service' industry was born, an industry upon which much of today’s ransomware environment depends.
This maturation coincided with, and in certain respects was the result of, two key technological developments. The first was the arrival of bitcoin as the first widely accepted cryptocurrency in 2009.
Bitcoin, which is based on public-key cryptography and ongoing decentralized computation to form a blockchain, offered cybercriminals a novel means of accepting and transferring value, one that does not always comply with the oversight and controls placed on traditional banking and financial systems."
3 ways America can improve defense against ransomware
Sheridan says we must recognize that ransomware will be a serious threat for the foreseeable future and that there is no "silver bullet" available.
He did tell the committee, however, that there are three ways we can collectively improve our ransomware defense:
- "We must reduce the profitability of ransomware campaigns by scaling up law enforcement efforts to detect and interdict the proceeds of these extortion schemes."
- "We must work with private sector, state and local governments, and other vulnerable organizations to improve their own network defenses."
- "We must dramatically intensify national and international efforts to investigate, arrest, and prosecute those engaged in ransomware and other transnational cybercrimes."
Read the complete Senate Judiciary Committee testimony of Jeremy Sheridan, Assistant Director, Office of Investigations, United States Secret Service.
