This October, National Cyber Security Awareness Month, the U.S. Government is making intelligent and systematic moves to combat cyberattacks, most notably ransomware. Two recent US Civil Cyber-Fraud Initiatives that are strategic measures in this direction are:
- Launch of US Civil Cyber-Fraud Initiative by Deputy Attorney General Lisa O. Monaco (under the existing False Claims Act (FCA)).
- Proposal of a new bicameral bill, the Ransom Disclosure Act, to Require Disclosures of Ransomware Payments, by United States Senator Elizabeth Warren and Representative Deborah Ross.
Let us look at the importance of these two pieces of legislation and how they can empower us to understand and combat ransomware and other cyberattacks.
Impact of a Ransomware Attack
As described in our whitepaper, ransomware attacks should be avoided at all costs because their aftereffects are not easy to contain. Once you are a victim of a ransomware attack, it is difficult to control the effects or even fully comprehend the impact on a business environment.
Take the SolarWinds attack as an example. Several organizations still feel the repercussions, even though it has been almost a year since the attack surfaced. Many individuals and entities are still experiencing a flurry of Business Email Compromise scams and phishing attacks built on the stolen data. In addition, there are reliable reports that the Federal Aviation Administration and NASA (National Aeronautics and Space Administration) are among the latest cyberattack targets. Although there is no official confirmation that the same group of hackers is involved or that this attack can be linked back to the SolarWinds attack, it isn’t illogical, considering that SolarWinds tools are used by several federal organizations and Fortune 500 companies. Further, FireEye, Microsoft, and Malwarebytes were among the cybersecurity companies that were also breached during the attack.
Hackers often use supply chain vulnerabilities in vendor infrastructure to target the vendor’s end customers. For example, hackers used SolarWinds’s vulnerabilities to target its vendors using fake Microsoft updates. This type of attack often succeeds because vendors hold greater administrative privileges than the users, and even than the company itself. After all, they deploy updates and patches remotely via the internet.
“Hence, when such complex and highly interconnected attacks take place, it is difficult to gauge and understand the full impact of a ransomware attack,” said Rizwan Virani, CEO, Alliant Cybersecurity. Even Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology in the Biden Administration, said that the [SolarWinds] attack took “months to plan and execute” and will “take us some time to uncover this layer-by-layer.”
Impact of US Civil Cyber-Fraud Initiatives
The two primary objectives of the measures presented by Deputy Attorney General Lisa O. Monaco and by United States Senator Elizabeth Warren and Representative Deborah Ross are:
- To understand how cybercriminals operate and help the government gather details regarding the ransomware threat; and
- To understand the amount of money lost because of cyberattacks and ensure that taxpayer dollars are used appropriately to combat these attacks.
These laws will provide priceless insight and information that can be used to strengthen our cyber posture and regulations to counter future attacks and safeguard victims.
“We even think that soon, the insights gathered can help the Joint Cyber Defense Collaborative (JCDC) get the victim’s perspective. The JCDC is a collective of cybersecurity organizations that will help combat cyber threats,” added Virani.
“A report by Verizon suggests that about 43% of cyberattacks are directed toward small businesses, and about 73% of SMB victims admit to paying a ransom. Hence, SMBs will benefit the most from these initiatives,” said Trey Stokes, Associate Director of Education & Awareness, Alliant Cybersecurity. “Since most cybersecurity solutions are aimed at large companies, attacks on SMBs go unnoticed. Added to that, the lack of a proper response plan and posture forces them to pay the ransom. This move will centralize all cyberattack-related data to provide information to organizations like us, who are focused on strengthening the American SMB sector and offer solutions that are tailored to meet the unique needs of the middle market.”
Strengthening Supply Chain through Civil Cyber-Fraud Initiatives
Currently, the new addition to the FCA law makes it mandatory for federal contractors to report cyberattacks. These actions will assist the government’s plan to build a cyber infrastructure that is resilient against such intrusions. CMMC compliance also sets a bar for contractors to maintain proactive cyber practices. Coupled with CMMC compliance, the new legislation will provide a 360-degree, holistic view of every government contractor.
Further, it will also help the government recover losses, especially where public sector organizations and their subcontractors have failed to meet the government’s security standards and taxpayer money is at stake.