Against Ransomware, Joe Biden Forms Special Cybersecurity Task Force
JAKARTA - President Joe Biden's administration prepares to set up a cross-government task force to combat ransomware attacks on Wednesday, July 14. This follows a series of high-profile hacks that exploit cybersecurity flaws that could wreak havoc on society in the United States.
Through a previously undisclosed task force, federal agencies are expected to take defensive action, such as promoting digital resilience among critical infrastructure companies, and offensive ones. For example launching a cyber attack on a ransomware operator.
"Agents are also developing mechanisms to stop ransom payments made through cryptocurrency platforms, and they are coordinating all of these activities with foreign allies," said a Senate spokesman who asked not to be named. The US government also appointed Anne Neuberger as deputy national security adviser for cyber and new technologies
News of the task force comes as lawmakers and experts press President Joe Biden to respond more decisively to Russian President Vladimir Putin's inaction on ransomware operators, which in recent months have crippled large parts of the US East Coast gasoline supply. Their attack also paralyzed a large meat processing company and breached IT software vendor Kaseya and hundreds of companies connected to it.
“We have to send a very strong, even disproportionately message to Russia that we will not tolerate this,” House Homeland Security rating member John Katko told Bloomberg last week.
But Biden faces some good options to change Putin's calculations. Years of sanctions have proved ineffective, cryptocurrency regulation faces a daunting prospect, allies in Europe are heavily dependent on Russian energy supplies and retaliatory cyberattacks could backfire.
Congress has already pursued its own choice. A bipartisan group of senators is expected to introduce legislation this week or next week to require companies, including critical infrastructure operators, to report hacks to the government.
The U.S. House of Representatives Homeland Security Committee is also drafting a similar bill. Federal officials say a lack of information about private sector abuses has hampered their ability to protect the state from digital threats.
During Wednesday's briefing, officials called on the new authority to establish mandatory cyber standards for critical infrastructure. Neuberger also told senators that the White House would announce three more steps in the coming days, Senate sources said.
The DHS Cybersecurity and Infrastructure Security Agency will launch an interagency website, stopransomware.gov, to collect defensive guidance from various agencies. The Treasury's Financial Crimes Enforcement Network will also hold a virtual conference on ransomware in August.
Furthermore the US State Department will use a "Reward for Justice" program that offers cash payments on tips leading to the arrest of ransomware operators.
Meanwhile, a glimmer of hope for the fight against ransomware was realized on Tuesday, July 13, when the REvil gang, who carried out the Kaseya attack, suddenly went dark. It's not clear if the US or Russia interfered with REvil's infrastructure or if the criminals shut down their own servers, as other groups have done in the past after internal spats or increased surveillance.