Democratic lawmakers urge agencies to act on ransomware
Blockchain & Cryptocurrency, Critical Infrastructure Security, Cybercrime
Letter to 4 departments claiming cryptocurrency allows these attacks
Dan Gunderman (dangun127) •
October 11, 2021
A Congressional letter sent to heads of four federal agencies on Friday expressed the urgent need for the Biden administration to continue fighting ransomware. This includes a particular focus on the cryptocurrency infrastructure that enables these cyber attacks, according to four Democratic lawmakers.
See also: Take a defense-in-depth approach to IT security
The letter, written by Sens. Ed Markey, D-Mass., And Sheldon Whitehouse, DR.I., and Representatives Jim Langevin, DR.I., and Ted Lieu, D-Calif., Speaking to heads of State Departments, the Homeland Security, Justice and the Treasury – Antony Blinken, Alejandro Mayorkas, Merrick Garland and Janet Yellen, respectively – noting: “We urge [the departments] to pursue all available options to protect US communities and infrastructure against the growing threat of ransomware. “
In the letter, lawmakers call for “stronger coordination” between departments to address the role of cryptocurrency in facilitating attacks. There was a wave of high-profile attacks in 2021, including those that hit the Colonial Pipeline and temporarily cut off fuel supplies to the East Coast; meat producer JBS USA; and managed service provider Kaseya, which has reached some 1,500 downstream organizations.
The four departments did not immediately respond to Information Security Media Group’s request for comment.
A “difficult, dangerous and costly problem”
In their letter, lawmakers called ransomware “an increasingly difficult, dangerous and costly problem for government, private companies and small businesses.” They show the 2020 figures from the FBI Internet Crime Complaint Center, or IC3, which received nearly 2,500 ransomware reports with related losses amounting to $ 29.1 million. There has been a 20% increase in reported incidents and a 225% increase in ransom amounts demanded by hackers since 2019, according to lawmakers. Worse yet, they add, around 70-75% of ransomware attacks go unreported.
Markey, Whitehouse, Langevin and Lieu say the increase “threatens national security” because attackers can disrupt critical infrastructure and siphon off sensitive data.
The role of cryptocurrency
Lawmakers say cryptocurrency has “facilitated this explosive growth” by “providing easy, quick and hard-to-trace methods to launder illicit gains.” They call for increased enforcement of existing laws on money laundering and financial crimes to deter ransomware attacks and help recover crypto ransoms.
This work, they say, will draw on international partnerships: “Many ransomware attacks originate from jurisdictions beyond the reach of US law enforcement, forcing US agencies to work with foreign partners and crypto exchanges. -currency to capture payments for ransomware or other related assets. “
The attackers, lawmakers continue, reside largely in Russia, China and North Korea, which “are countries that have actively or tacitly supported ransomware attacks against the United States and hampered US efforts to expatriate. cryptocurrency ransoms “.
Commenting on Friday’s letter, William Callahan, a former special agent in charge of the Drug Enforcement Administration, told the ISMG: The proliferation of cryptocurrency has not only facilitated an explosive growth in ransomware attacks, but also is also developed as a payment method for [activities on the] Dark web. “
“Recognize the urgency”
Lawmakers praise recent White House efforts “to recognize the urgency” of the ransomware threat – citing the Justice Department’s efforts to recover more than $ 2.7 million in cryptocurrency as a result of the Colonial Pipeline attack. They also praise the Treasury Department’s sanction against Suex, a Russia-based cryptocurrency exchange that allegedly aided ransomware players.
Last week, the Justice Department also announced it would create a National Cryptocurrency Enforcement Team, or NCET, to trace and help recover assets lost due to fraud and extortion, including crypto payments to ransomware groups.
“We believe that stepping up efforts to seize cryptocurrency ransoms and increasing costs associated with facilitating ransom payments can certainly help deter ransomware attacks by lowering their profitability and changing the incentives of ransomware. actors of the threat “, note the lawmakers.
And Callahan, currently director of government and strategic affairs at Blockchain Intelligence Group, adds, “The illicit use of cryptocurrency requires not only a whole-of-government approach, but a whole-of-government approach, just like we did with the drug. to fight transnational criminal organizations of drug traffickers.
Callahan believes these efforts will require additional funding from Congress.
Neil Jones, a cybersecurity evangelist for the Egnyte company, told ISMG that “with the growing volume of ransomware attacks and the rise in ransom payments, it is clear that current approaches to combat ransomware just doesn’t work. “
Jones praises recent efforts by Congress to introduce reporting legislation that would provide the U.S. government with a mechanism to assess and use critical data from cyber attacks. That, among other measures, he says, can also help turn the tide.
Tyler Farrar, a former crypto warfare officer for the US Navy and currently CISO of security firm Exabeam, also said that disrupting these crypto lockdown attacks and protecting critical infrastructure would require “reporting risks and attacks in real time”. It is a path that Congress has started to follow in recent weeks.
The October 8 letter asks the four department heads to answer the following questions by October 29:
- Ways the United States has worked with regional and international partners to attribute ransomware attacks, prosecute bad actors, and develop crypto standards and best practices;
- How US agencies located and repatriated crypto assets and methods in countries that have not signed mutual legal assistance treaties;
- Details of attempts to seize crypto assets from ransomware gangs over the past five years;
- Whether agencies have considered sharing data with insurers to facilitate actions against crypto exchanges or cybercriminals;
- Whether the DOJ needs a specific authority to direct confiscated funds to endpoint security and other cyber defenses or to assist victims;
- How crypto exchanges are treated when they do not adhere to “know your customer” or anti-money laundering or terrorist financing practices;
- What resources do agencies need from Congress to improve international cooperation or seize stolen funds?