Cybersecurity and Infrastructure Security Agency (CISA) Executive Director Brandon Wales said today that the private sector needs to do more to help the government combat ransomware attacks, and expressed hope that the recently formed Joint Cyber Defense Collaborative (JCDC) effort between government and industry will go a long way toward providing a coordinated approach to deal with those and other cybersecurity threats.
More Help Needed
“Ransomware has become an incredible challenge, a security challenge for this country,” Wales said during an event organized by Axios, “and one in which we need the government to do more, [and] we need the private sector to do more.”
He said one of the best things that the government can do to help businesses protect against attacks is to share information with them about network protection, as well as continue efforts to disrupt attackers and the financial systems they use to collect ransom payments.
“But we do need more from the private sector,” he said. “We need to see more from them both in terms of the information that they’re sharing with the government after there has been an attack that could allow us to prevent future incidents,” Wales continued, “and we need them to think really hard about the payment of these ransoms.”
Paying off attackers, he said, “has only accelerated the crisis that we’re in today where it is so significant, and where these criminal enterprises are going after bigger and more critical targets like they did with Colonial Pipeline or, or major meat-producing facilities.” He emphasized, “that cannot be allowed to continue.”
Part of changing the calculus of ransomware victims in deciding to pay off their attackers, he said, involves putting in the work up front to make networks more secure and resilient, including through some of the more basic strategies such as adopting multifactor authentication and properly patching vulnerabilities.
Once an organization has been attacked, however, Wales said, “I think it matters how quickly you’re working with the government to make sure that we’re tracking that, and we can help prevent other victims” from being attacked. An early call to government, he said, can also provide a better chance that Feds will be able to help in more substantial ways, including trying to recover ransom payments.
From a higher-level perspective, Wales also expressed confidence that the JCDC effort will help government and industry combat cyberattacks on a much wider scale.
The collaborative, he explained, includes “critical private sector companies … that have very broad visibility into the cyberspace of this country and this world,” including major cloud and internet service providers, and security vendors.
“These are the companies that have the ability to see what’s happening across the board,” both in the United States and overseas, he said. “They have the ability to understand what’s happening, and take action at a scale that no company can do individually.”
“We’ve gotten everyone together with the goal of bringing together what’s best available from the United States government, whether that’s from CISA” or intelligence agencies, and the private sector, “and say as we are seeing things happen, what can we do to actually have an effect at scale.”
Ransomware, he said, is one of the early priorities for the JCDC “and is embodied in the work that we are trying to do to move from our kind of previous concept of public partnership to real operational collaboration, taking information and being able to take collective action quickly, and at a scale that’s really needed to combat the problem.”
“We think that JCDC is a critical linchpin of this effort,” Wales said. “It’s only a few months old, but [we] really think that it’s the future of collective defense in the cybersecurity sphere.”