In light of a spate of ransomware attacks in the U.S., and as part of a sweeping effort to modernize national cyber defenses, a new Executive Order aims to improve information sharing between the U.S. government and the private sector on cyber issues. The effort serves to strengthen the United States’ ability to respond to incidents when they occur and is part of ramped up efforts to protect security following recent ransomware attacks.
A ransomware attack on the Colonial Pipeline came at a steep price: hackers who infiltrated the network demanded over $4 million in ransom. The result of a reportedly single compromised password, the ransomware shut down operations of the company, which transports more than 100 million gallons of fuel daily to meet the energy needs of consumers from Houston, Texas to the New York Harbor, and led to several states declaring a state of emergency and temporary outages.
Beyond the pipeline, recent reports reveal the severity of ransomware attacks shuttering schools, affecting beef plants, delaying critical healthcare procedures, and disrupting other parts of the country.
New ransomware precautions are already in place. In January 2021, the Department of Justice (DOJ) announced that it launched a coordinated international law enforcement action to fight back against a sophisticated form of ransomware known as Netwalker, which has targeted companies, municipalities, hospitals, law enforcement, emergency services, school districts, colleges, and universities. According to the DOJ, attacks have specifically targeted the healthcare sector during the COVID-19 pandemic, taking advantage of the global crisis to extort victims.
In a recent effort, the Transportation Security Administration announced a new policy, which requires pipeline operators to report cyberattacks to the federal government within 12 hours. Moreover, in early June, the Deputy National Security Advisor for Cyber released an open memo to corporate executives and business leaders urging them to take immediate steps to address the threat of ransomware.
The new executive order aims to remove barriers to increasing information sharing between the government and private sector to allow IT service providers to report breaches without fear of legal consequences. It will also modernize and implement stronger cybersecurity standards in the federal government, and create a standardized playbook and set of definitions for cyber incident response by federal departments and agencies, among other priorities.
Read more in the May 2021 issue of the ANSI Government Relations and Public Policy Monthly Update, accessible to ANSI members.
A number of current standards support cyber safety, including a standard developed by ISO/IEC Joint Technical Committee (JTC) 1, Information technology, Subcommittee SC 27, IT Security techniques. ISO/IEC 27032, Information Technology - Security Techniques - Guidelines For Cybersecurity, provides guidance for improving the state of cybersecurity, drawing out the unique aspects of that activity and its dependencies on other security domains, in particular: information security, network security, internet security, and critical information infrastructure protection (CIIP).
An ASTM International standard, ASTM F3286-17, Standard Guide for Cybersecurity and Cyberattack Mitigation, addresses the company or government organizational need to mitigate the likelihood of cyberattacks and reduce the extent of potential cyberattacks.
INCITS/ISO/IEC 17826, Information Technology, Cloud Data Management Interface (CDMI), specifies the interface to access cloud storage and to manage the data stored therein. It is applicable to developers who are implementing or using cloud storage.
These are just a few of many examples of standards that support cyber security efforts.
What is Ransomware?
Ransomware is a type of malicious software, or malware, that prevents individuals from accessing computer files, systems, or networks – and demands a payment ransom for their return.
Scammers will often send ransomware through email phishing campaigns. People can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that has been embedded with malware. The FBI has released tips to avoid a ransomware attack:
Source: The Federal Bureau of Investigation
Access additional related relevant cyber news:
Cybersecurity Standards and the 2015 Ukraine Power Grid Attack by Sam Cohen, Georgetown University, 2019 ANSI student paper competition winner.