Ransomware is likely to remain a threat to U.S. economic and national security for years to come, the country’s top military cyber official said Tuesday.
Army Gen. Paul Nakasone, the director of the National Security Agency, said at a conference hosted in Washington, D.C., by cybersecurity firm Mandiant Inc. that he believes ransomware attacks won’t end anytime soon.
“Every single day,” Gen. Nakasone said in response to a question from Mandiant Chief Executive Kevin Mandia on whether the world will be dealing with ransomware daily in five years.
Gen. Nakasone, who also serves as the commander of U.S. Cyber Command, said last month that the NSA would be focusing on ransomware as part of a “surge” operation. This involves dedicating personnel to understanding the tactics and methods of ransomware operators, and analyzing how the NSA may need to partner with others to pursue hackers.
Attacks on Colonial Pipeline Co. in May and meat processor JBS SA in June disrupted fuel and food supply chains, respectively.
“Ransomware is a national security issue,” Gen. Nakasone said.
The federal government has also announced a number of initiatives in response to ransomware attacks in the U.S., which Homeland Security Secretary Alejandro Mayorkas said in a September speech have increased by 300% in the past year.
Initiatives include a task force formed by the Justice Department and an executive order issued by President Joe Biden directing federal agencies and contractors to overhaul their cyber defenses. In September, the Treasury Department issued sanctions against a Russian-operated cryptocurrency exchange, which it accused of facilitating ransom payments to cybercriminals.
Last week, Mr. Biden announced the U.S. will convene a summit of 30 nations this month to discuss how international cooperation can mitigate the impact of cybercrime.
During the Mandiant conference, Deputy National Security Advisor Anne Neuberger struck a more hopeful tone than Gen. Nakasone about the prospect of facing down ransomware attacks. The coming 30-nation summit will focus on setting international norms for cyber activities, financial regulation for cryptocurrencies, law-enforcement partnerships and building resilience against cyberattacks, she said.
“One of the things that we really want to accomplish together in cybersecurity is to be fighting different fights in six months, in a year,” she said.
Write to James Rundle at [email protected]
Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Appeared in the October 6, 2021, print edition as ‘Ransomware Attacks Expected to Prolong.’
