The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory on ransomware, in response to the DarkSide, the variant used in the recent attack on Colonial Pipeline.
<p><strong>Does it go far enough?</strong></p> <p> </p> <p>“Given the level of authority these agencies have, it goes about as far as it can. That said, the Government needs to do more. We can criticize critical infrastructure owners for not moving quickly enough to strengthen their cybersecurity postures. But now, as nation-states, ransomware gangs and other cyber criminals get more daring and execute attacks that are impacting civilization, its fair to criticize the government for not doing enough to help protect us when it comes to “no dust” defensive actions, and offensive actions too to shut down threat actors and hold them accountable.”</p> <p> </p> <p><strong>What, if anything, is missing?</strong></p> <p> </p> <p>“More aggressive programs and incentives to help critical infrastructure organizations strengthen their security and time to help keep threat actors at bay. That includes tax breaks for cybersecurity, particularly cyber-defense for critical infrastructure should be something we move toward. Having private companies take on their defense.” </p> <p> </p> <p><strong>What do you think the response will be?</strong></p> <p> </p> <p>“Hopefully more organization will take this advice. From our work with critical infrastructure and industrial organizations around the world, we’ve found that those who invest early in cybersecurity are able to respond faster and with less financial damage to ransomware and other cyber-attacks. Enterprises with mature cybersecurity are more resilient and able to navigate those challenges easier than those that waited until an incident to invest in their defenses.” </p> <p> </p> <p>Why is the government acting so strongly now, when ransomware has been a serious problem for a long time (attacking hospitals for example)?</p> <p> </p> <p>“Frankly – it’s complicated. There isn’t an easy solution and real results must navigate government politics, privacy laws, international laws and will require cooperation from nation-state adversaries. It’s not a simple task, but we can take steps now to solve the problem. Waiting will only make it more difficult to solve. Additionally, the publicity around the impact was greater than many other attacks. Americans are suffering the impact at the gas pumps, or saw others going through issues. The visibility on rising gas prices and other impacts on innocent citizens also plays a role in bringing attention to the matter.”</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics