Ransomware attacks increased by over 200% in 2020, according to in-depth research by VMware. To address the global concern over ransomware, the White House held a virtual counter-ransomware initiative meeting in October with senior officials representing 30 countries.
In my two decades in cybersecurity, I have never seen such august and proactive action taken by an administration to civilize cyberspace. The current administration has taken historic steps to secure American cyberspace and I applaud them for empowering collective action. Recently, the US also joined the Paris Call for Trust and Security in Cyberspace, an agreement signed by 80 countries that includes initiatives like defending elections from cyberattacks, protecting intellectual property, and other imperatives.
Public policy strategic opportunities
To combat ransomware and the growing cyberinsurgency, the right public policies need to be in place to help our nation and allies.
However, a Forrester study found that 70% of enterprises lack a cohesive security strategy, and while IT leaders are facing more pressure from the board, they are also grappling with cultural issues between IT and security teams.
Here are 6 strategic opportunities for public policy that could help fight cybercrime:
- Use seized criminal funds to strengthening US critical infrastructure cybersecurity. One of the most effective ways to target cyber criminals is to allocate seized virtual currencies and digital payments used in cybercrime conspiracies to cybersecurity investments across critical US infrastructures. Once cybercriminals turn funds into virtual currencies, it is impossible to track. Since these monies can’t be returned to the victims of these crimes, they should be used to strengthen our cyber defenses.
- Close anti-money laundering regulatory gaps for virtual currency. To deter cybercrime, the federal government should move quickly to clarify that, under existing legal authorities, banks and money services businesses, which include virtual currency exchanges, should be required to “know thy customer” and submit reports, keep records, and verify the identity of their customers. This clarification could come in the form of final rules issued by the Financial Crimes Enforcement Network or legislation from Congress.
- Expand cyberfraud taskforces internationally. The cybercrime syndicates must be countered by expanding the US Secret Service Cyberfraud Taskforces to facilitate information sharing and collaboration with trusted partners.
- CISA should expand public-private partnerships to encourage threat hunting in critical infrastructures. CISA and a number of private sector companies have already joined forces to identify, protect against, and detect malicious cyber activity—most recently through the Joint Cyber Defense Collaborative (JCDC). Additional public-private partnerships focused on threat hunting in critical infrastructure can help to increase cybersecurity across the ecosystem.
- CISA and FEMA should implement the cybersecurity grant program for state and local governments expeditiously to provide state and locals with cyber funding. The historic, bipartisan Infrastructure Investment and Jobs Act, which was signed into law on November 15, 2021, provides $1 billion in cybersecurity grants to state and local governments. CISA and FEMA should work to ensure that these funds are disbursed to state and local governments expeditiously.
- The Office of Management and Budget (OMB) should mandate that all agency CISOs should report to agency directors rather than CIOs. Defensive coordinators shouldn’t report to offensive coordinators.
Growing Cyberinsurgency
The US is facing a cyberinsurgency stoked by our cold war adversaries and their pax mafiosi with cybercrime cartels. The multiplicity of actors creates a free-fire zone that resembles Raqqa Syria. American cyberspace must be civilized and a counter cyberinsurgency must be waged through not just technology but via proactive public policy. As illustrated above, there are numerous opportunities for strategic public policy in cyberspace.
Our national and economic security depends on it.