Federal authorities grapple in the dark with ransomware attacks, as disclosures fail to materialize promptly

In recent times, the cybersecurity landscape has been marred by a significant rise in ransomware attacks. The latest report from the Senate Homeland Security committee has shed light on this issue, revealing that the majority of such attacks and crypto-based payments continue to go unreported.

The report, issued on Tuesday, follows a series of devastating ransomware attacks on key industries, including the May 2021 attack on Colonial Pipeline. Notably, ransomware attacks on companies like Kaseya and JBS USA have also made headlines this year.

Adam Golodner, co-chair of Trusted Future, supports the report's recommendation for a public-private partnership to conduct research on the ransomware economy. His group, the Ransomware Task Force, aims to investigate this issue and develop effective countermeasures. According to Golodner, such a partnership is crucial to create an actionable plan to reverse the upward trajectory of the ransomware curve.

The Cyber Incident Reporting for Critical Infrastructure Act, passed by Congress in March, requires critical infrastructure providers to report substantial cyberattacks and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA). This move is aimed at enhancing transparency and enabling a more coordinated response to these threats.

In a similar vein, the Department of Justice formed a task force last year to help coordinate investigations into criminal ransomware. This task force aims to disrupt the activities of ransomware gangs and bring perpetrators to justice.

Sen. Gary Peters, D-MI, has been at the forefront of these efforts. He launched an investigation into the role cryptocurrencies play in ransomware in July 2021. Peters has also urged the Biden administration to implement a cyber incident reporting mandate and to build on efforts to go after criminal hackers and disrupt the incentive virtual currencies provide for them to commit attacks.

Bitcoin has become the preferred payment method for ransomware gangs, due to its anonymity and ease of use. However, the Biden administration has taken additional measures to recover ransom payments, shut down the infrastructure of criminal gangs, and shut down crypto transfer companies and money laundering operations.

The Ransomware Task Force's efforts have led to increased cooperation with international law enforcement partners. Each party, government and private sector, can provide a comprehensive understanding of the ransomware-cryptocurrency issue when working together. Federal authorities have also urged the private sector to quickly share information about ransomware attacks.

In 2020, malign actors extorted $692 million in ransomware payments, a 355% increase from 2019. With these staggering figures, it is clear that the battle against ransomware is a critical one. The public-private partnerships, investigations, and reporting mandates are steps in the right direction, but more needs to be done to combat this growing threat.

Federal authorities grapple in the dark with ransomware attacks, as disclosures fail to materialize promptly