Over the last five months, ransomware attacks have reached an inflexion point as bold, opportunistic hackers succeeded in compromising the United States’ most critical infrastructure, including water, food, and fuel supplies. Profit is a key motivator as reports reveal that victims paid hackers over $406 million in cryptocurrency ransoms last year. Yet the financial motivation of the crimes belies their potentially catastrophic consequences.
The barrage of cyberattacks has exposed a need to reimagine what the nation protects and how it modernises to safeguard critical infrastructure, which includes defining what that means today. Not only the legacy infrastructure that has been in place since World War II that is vulnerable. Digital technologies that have kept society afloat and sane while battling the vicious virus are also at risk.
The U.S. has always been adept at pivoting in the face of hardship and vulnerability. Below are four steps the federal government can take to combat these attacks, especially now when hackers in the most remote areas of the world can lock down companies and industries.
- Critical infrastructure attacks must be understood as digital terrorism
Until now, foreign hackers mounting ransomware attacks have been acting with only modest repercussions. The U.S. must change the economics of ransomware attacks. Companies should not be left with the option to either pay ransoms or suffer the consequences, and officials should no longer consider hacks to be merely financial crimes.
Given the economic impact and damage, ransomware attacks on critical infrastructure should be considered “digital terrorism,” and those responsible should be labelled “digital terrorists.” Pursuing and disrupting hackers’ needs is crucial to garnering a response from not only law enforcement – but the entirety of the U.S. government.
- The U.S. must reconsider the definition of “critical infrastructure” for the modern era, and make digital security a priority
At this point, the federal government must expand the definition of critical infrastructure past bridges, dams, highways, pipelines and transit systems. Society’s digital connective tissue includes both the internet and the services it provides. It has become clear that Americans cannot work and live without digital service providers. These assets must be considered critical infrastructure and made resilient against cyberattacks, beyond physically securing their data centres and corporate headquarters.
cybersecurity experts are acutely aware that legacy utility, service and transportation facilities may have reasonable physical security, but remain inadequately protected from digital threats. Recent attacks made clear that the weakness must be addressed now using modern hardware, software and IT protocols pioneered by U.S. companies. To the extent that critical infrastructure providers are under-equipped to make necessary investments in modern cybersecurity technology, government incentives will speed deployment.
- Ransomware payments must be banned by law
Paying a ransom is dangerous. Each payout encourages future ransomware attacks, yet the victim has no guarantee that hackers will not return for another payday. As a matter of public policy, the U.S. government must outlaw ransom payments, as they are turning small-time crooks into big-time threats: One company’s capitulation enables a menace to society.
- Seize the opportunity for public/private collaboration
Given its financial resources, the U.S. might be assumed to have such a sophisticated critical infrastructure that is virtually impervious to danger. However, the nation’s combination of wealth and ageing infrastructures make the country a primary target for increasingly sophisticated threats spanning the public and private sectors. Despite its strengths, The U.S. ranks 13th overall in quality of critical infrastructure.
The government needs to retire industrial age concepts of security and begin protecting both citizens and businesses against mounting digital threats. Collaborating with private-sector experts will help the public sector anticipate likely threats, enabling smarter and faster adaptations as the security landscape evolves. As hackers increase their resources and deploy sophisticated ransomware attacks, the nation will need every possible advantage to defend against them.
As reported by OpenGov Asia, any organisation can be the victim of a ransomware attack, hence reducing the risk is essential to make the organisation less vulnerable. A risk-based framework is important to determine the most important data to protect in the face of ransomware attacks is critical.
the most fundamental aspect of data protection is to clearly understand the data and identify which data is critical. Therefore, data assessment is necessary to figure out the amount of data, the place of the data, who has access to the data. All of the information about the data needs to go into an information asset register. Without it, the organisation will not know what data they lost once they get attacked.