Stopping Cyberterrorists is a Top Priority for the US
Biden administration has created a cross-government task force and instigated bounties to catch cyberterrorists.
In response to the growing ransomware threat and the aftermath of a series of high-profile breaches to U.S. infrastructure, the Biden administration is using a number of tactics, according to a senior administration official, including offering rewards of up to $10 million for information leading to the identity of the perpetrators.
Other options discussed include launching disruptive cyberattacks against hacker gangs and establishing partnerships with businesses to improve the speed with which information about ransomware outbreaks is disseminated among the different parties.
According to a report published on Wednesday by POLITICO, the White House has formed a cross-government task force to coordinate a range of defensive and offensive measures against ransomware, which has previously gone unnoticed.
Anne Neuberger, the administration's deputy national security adviser for cyber and emerging technology, provided senators with an early look at the administration's cyber and emerging technology strategy during a 35-minute briefing on Wednesday afternoon in the Senate chamber.
Members of Congress and experts have urged President Joe Biden to respond more forcefully to Russian President Vladimir Putin's inaction against ransomware operators, who have in recent months crippled much of the East Coast's gasoline supply, crippled a major meat processing company, and breached the IT software vendor Kaseya, among hundreds of other companies that are connected to the internet.
In the words of a Senate aide who asked to remain anonymous to speak candidly, federal agencies are taking actions under the supervision of the task force, including promoting digital resilience among critical infrastructure companies, working to halt ransom payments made through cryptocurrency platforms, and coordinating activities with United States ally countries.
In addition, a senior administration source said that the interagency group is "watching efforts weekly" to "implement the national counter-ransomware campaign." The White House receives frequent briefings on the actions of the agencies, according to the source.
The administration is also considering new cooperation with cyber insurance providers and critical infrastructure companies to enable businesses and the government to share information about ransomware attacks more quickly.
Congress is now debating a variety of potential options.
In the next week or next week, a bipartisan group of senators is expected to introduce legislation that would require a wide range of companies, including critical infrastructure operators, to inform the government when they have been hacked or otherwise compromised.
Legislation along these lines is now being developed by the House Homeland Security Committee.
Because of a paucity of information on private-sector breaches, the federal government argues that it is more difficult for them to protect the country against cyber threats.
During a briefing for senators on Wednesday, officials asked for more authority to establish minimum cyber standards for critical infrastructure. A second Senate employee also requested anonymity to disclose the private discussion.
According to Neuberger's first assistant, senators were also told that the White House will unveil three more measures in the coming days, which they would consider.
According to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, a new interagency website, stopransomware.gov, would be launched to collect defensive recommendations from various government agencies and organizations.
According to the organization, the Financial Crimes Enforcement Network (FinCEN) of the Treasury Department will hold a virtual conference on ransomware in August.
Aside from that, the State Department will use its "Rewards for Justice" program to provide cash incentives to anyone who gives information that leads to the arrest of ransomware operators.
On Tuesday, the REvil cybercriminal group disappeared without a trace, providing a bright spot in the anti-ransomware effort.
We don't know if the United States or Russia tampered with REvil's infrastructure or whether the criminals took the initiative and shut down their servers on their own, as other groups have done in the past in the wake of internal squabbles or increased official scrutiny.
In response to questions from reporters, the senior administration official declined to give any more information on the mystery.
"We have taken note of the disruption in REvil infrastructure," the official said, adding that "we have no more comment on it at this moment."
Ransomware group REvil goes offline