Yesterday our CEO and Co-Founder, Robert M. Lee, joined several industry experts on Capitol Hill to offer perspective to the members of the U.S. Subcommittee on Oversight and Investigations of the Committee on Energy and Commerce during a hearing on “Stopping Digital Thieves: The Growing Threat of Ransomware.”
The hearing was convened to examine the growing threats posed by ransomware to U.S. businesses and critical infrastructure and to discuss recommendations for combating those threats. In convening the hearing, members stressed the timeliness of the discussion: low barriers to entry and the increasing interconnectedness of business and operational networks, including the proliferation of remote work accelerated by the COVID-19 pandemic, have contributed to a rising number of ransomware attacks. The broad scale and scope of recent attacks have demonstrated the real-world impacts of ransomware and the vulnerabilities it exploits, and have prompted discussion of several potential policy approaches. The Biden Administration has identified ransomware as a national security threat and describes its ransomware strategy as including “disruption of ransomware infrastructure and actors by working closely with the private sector; international cooperation to hold countries who harbor ransom actors accountable; expanding cryptocurrency analysis to find and pursue criminal transactions; and the federal government’s review to build a cohesive and consistent approach towards ransom payments.”
In his opening comments, Rob, who in addition to leading Dragos currently serves on the U.S. Department of Energy’s Electricity Advisory Committee as Vice Chair of the Grid Resilience for National Security subcommittee and on the World Economic Forum’s electricity and oil and gas cybersecurity subcommittees, highlighted that Dragos has responded to numerous ransomware incidents in operational technology (OT) environments that have never been publicly reported. In each case the affected company did the right thing, sought help and remediated the issue at its own cost, but these incidents happen far more often than people realize. Despite their frequency, they tend not to make the news because the disruption does not rise to a noticeable level, especially when companies have built resiliency into their industrial operations and the products they deliver.
Rob underscored five key points to the subcommittee in the context of harmonizing roles and responsibilities between private sector and government.
A quick summary of these points:
- To defend against ransomware, we must first find a way to harmonize the roles and responsibilities of the private sector with government and the government’s need to be aware of critical breaches. There are significant and important roles and responsibilities that government has but there are also significant expertise and capability that the private sector can bring.
- There must be a simplified, unburdened process and a single point of contact with the government. Which government agency is in the lead does not matter as much to the private sector, though it seems the right answer is CISA.
- Ransomware in OT is exposing the underinvestment in cybersecurity in many organizations. My prediction is as we counter this threat together the community will gain much more insight into the state intelligence and military units’ activity in this space.
- Critical infrastructure companies stand ready to do the right thing and partner with government fully. However, differing regulation regimes and requirements can distract from the focus. Whatever regulations manifest they should be thought of together so that companies do not have overly burdensome requirements on them as we all try to achieve the same goal of security.
- Government should communicate the why and the what to private sector but leave the how to the individual entities.