Dive Brief:
- Sen. Gary Peters, D-MI, urged the Biden administration to implement a cyber incident reporting mandate, after the Senate Homeland Security committee issued a report Tuesday showing the vast majority of ransomware attacks and crypto-based payments continue to go unreported.
- Peters said the federal government lacks comprehensive data on ransomware attacks, making it more difficult to prevent, mitigate and recover from malicious attacks against critical infrastructure, which has skyrocketed in recent years.
- Congress in March passed the Cyber Incident Reporting for Critical Infrastructure Act, which requires critical infrastructure providers to report substantial cyberattacks as well as ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA).
Dive Insight:
Peters in July 2021 launched an investigation into the role cryptocurrencies play in ransomware. The probe was announced after a series of devastating ransomware attacks on key industries, including the May 2021 attack on Colonial Pipeline, followed weeks later by a ransomware attack on meat supplier JBS USA and the July ransomware attack against IT monitoring firm Kaseya.
The attacks demonstrated the potential impacts of such malign activity on national security, giving rise to a series of Biden administration measures to crack down on ransomware.
The Department of Justice formed of a task force last year to help coordinate investigations into criminal ransomware, leading to increased cooperation with international law enforcement partners. It also took additional measures to recover ransom payments, shut down the infrastructure of criminal gangs and shut down crypto transfer companies and money laundering operations.
But about 75% of ransomware attacks go unreported, the Senate report said, citing prior testimony from CISA. Federal authorities have previously urged the private sector to quickly share information about ransomware attacks, so they can potentially disrupt the operations and recover funds.
Bitcoin has become the preferred payment method of ransomware gangs, because the payments are hard to track and can move extremely fast. Blockchain specialist Chainanalysis found malign actors extorted $692 million in ransomware payments in 2020, a 355% increase over the $152 million extorted in 2019, according to numbers cited in the report.
“We need to build on this landmark effort to go after criminal hackers [and] disrupt the incentive virtual currencies provide for them to commit attacks,” Peters said in a tweet.
The report calls on the administration to standardize federal data on ransomware incidents and payments. Congress should establish new public-private initiatives to investigate the ransomware economy, according to the report.
The report’s recommendation for a public-private partnership to conduct research on the ransomware economy and develop effective countermeasures is spot-on and needed now, according to Adam Golodner, co-chair of Trusted Future, a nonprofit group focused on digital security, privacy and related issues.
“In the ransomware-cryptocurrency issue, each only see part of the whole, but together they can forge a realistic picture of the landscape and create an actionable plan to reverse the upward trajectory of the ransomware curve,” Golodner said via email.
