“Biden Warns Putin to Act Against Ransomware Groups, or U.S. Will Strike Back.” That’s a recent headline in The New York Times, about a phone call President Biden made to Russian President Vladimir Putin. “I made it very clear to him that the United States expects, when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect them to act if we give them enough information to act on who that is,” President Biden told reporters. While the President is under increasing pressure to take some form of retaliatory actions against the rising tide of ransomware and other cyberattacks, the reality is that escalating a cyber battle carries risk, much like the old Cold War, which the Times makes mention of, noting: “Mr. Biden’s challenge to Mr. Putin could pose a major credibility test in coming weeks—and further escalate a Cold War-like series of confrontations between the United States and Russia, now fought in cyberspace rather than across the Berlin Wall.” Frustrations, and tensions are building. The article quotes John Hultquist, a director of threat intelligence at FireEye, as saying: “It might feel like this problem is new, but it’s been exhausting security teams for years now. Ransoms have exploded and actors have become more audacious. Where we are now was entirely predictable. It has been like watching a slow-motion car crash.”
“Top Lawyer for U.S. Cyberwarriors Calls for Military Cyber Response to Global Criminal Hackers.” CBS NEWS carries that headline, which underscores the pressure, as noted above, that President Biden is under to retaliate against Russia and other foreign states that are sponsoring—or at least harboring—criminal hacking groups. NBC News reports that: “Kurt Sanger, a Marine lieutenant colonel serving as general counsel at U.S. Cyber Command, argues in an article published last week on Lawfare.com that the disruptions from ransomware and other criminal hacking threats have become so harmful to national security that using military force against them—with lines of code, not bombs and bullets, as weapons—is justified and legal.”The article, co-authored by, Peter Pascucci, a judge advocate with the rank of commander in the Navy, carries disclaimers that the article is the view of the authors, not the U.S. government. NBC News notes: “It was significant that Sanger, who has been laboring in the legal trenches of military cyber operations for years, came out publicly and forcefully in favor of hacking the hackers. For years, successive administrations have been reluctant to respond forcefully with cyber weapons to hacking by either nations or criminals, in part because the U.S. is uniquely vulnerable in cyberspace and leaders feared the implications of a potential retaliation and escalation.”
“New York City Opens Cyberattack Defense Center.” The Wall Street Journal carries that headline for its coverage of New York City becoming what it calls the first major American metropolitan area to open a real-time operational center to protect against cybersecurity threats. The article reads in part, “Set in a lower Manhattan skyscraper, the center is staffed by a coalition of government agencies and private businesses, with 282 partners overall sharing intelligence on potential cyber threats. Its members range from the New York Police Department to Amazon.com Inc. and International Business Machines Corp. to the Federal Reserve Bank and several New York healthcare systems.” Manhattan District Attorney Cyrus Vance Jr. , who was among the founding members of the project, is quoted as saying: “If any city in America needs this cross-sector and government collaboration, it’s us.” Unfortunately, just about every city likely needs similar protection. Global Cyber Alliance President and CEO Philip Reitinger is quoted as saying: “Cities increasingly depend on cyber. Everything is connected.”
“Cyber Reinsurance Rates Through the Roof Following Rash of Major Ransomware Attacks.” That headline, from CPO Magazine, is significant, though not surprising. File that under: Stories we knew were coming. The article reads, “As major ransomware attacks continue to be an almost-weekly news item, companies up for policy renewal are getting an unpleasant surprise. Reinsurance broker Wills Re reports that cyber reinsurance rates are up by as much as 40% across the industry, following a period of several months that saw attacks on critical infrastructure and supply chains across the world.” The reinsurance industry insures the insurers that serve end customers, so when they raise their rates, the increases are largely passed on to the insured. Interestingly, the article poses the question of survivability for the ransomware insurance industry. “There is emerging debate that cyber insurance is an unsustainable industry given that these incidents are only expected to increase in frequency and severity in the near term, and that the mere existence of these policies is part of what’s spurring the massive growth in ransomware attacks.” The author notes that one answer might be for insurers to take a more aggressive role in monitoring the cybersecurity measures taken by their customers, rewarding those with strong security. If this results in tighter cybersecurity, then that’s one positive to emerge from this challenging situation.
Clinton A. Pownall is the President & CEO of Computer Business Consultants and has been in the IT field since 1990. Pownall served in the U.S. Navy for six years as a Weapons Systems Technician and has a Bachelor of Science in Computer Engineering. Through Computer Business, he was one of the first to pioneer VoIP technology using satellite communications. He is a member of the Florida Police Chiefs Association, and advises law enforcement agencies on cybersecurity. Pownall serves on several boards and committees and has a strong affiliation with various arts and education groups, local school districts, and served in regional efforts of the Bill & Melinda Gates NextGen Foundation. He’s served as a Vice President of the Board of Director for the Orlando Shakes Theater and is actively involved in the South Lake Chamber of Commerce, West Orange Chamber of Commerce, and the Orlando Economic Partnership.