Cyber criminals are ramping up ransomware attacks as part of a growing threat to U.S. companies and organizations, the nation’s top cybersecurity official said Monday during a virtual talk hosted by Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security.
Brandon Wales, acting director of the U.S. Cybersecurity and Infrastructure Security Agency, or CISA, joined McCrary Institute Director Frank Cilluffo for a livestreamed discussion on the state of ransomware and ways that CISA is combatting it.
“Incidents of ransomware have been increasing exponentially,” Wales said. “It’s affecting more and more types of businesses and public-sector entities. We’re seeing manufacturing companies, schools [and] hospitals [being hit].”
Wales said the amount of money being demanded is also increasing, and some attackers are even demanding companies pay twice—once to unlock their systems and again to prevent the leaking of sensitive data.
Wales said CISA is working to build capacity and share resources so that companies, organizations and the public sector can harden their defenses against ransomware attacks. CISA is also working with U.S. law enforcement to disrupt ransomware operations and payment schemes and take the fight to these adversaries.
CISA offers guidance and training so organizations can tighten their network defenses. Resources are available at cisa.gov/ransomware and cisa.gov/publication/cyber-essentials-toolkits.
Wales said many ransomware attacks can be prevented simply by practicing cybersecurity basics, such as regularly installing software patches, using multifactor authentication, regularly backing up network data and training employees on phishing and ransomware.
“This is not a losing battle,” he said. “If you do the basics, it’s highly likely that the ransomware operator will move on to someone else.”
Wales said more sustained investment is needed to support states and localities in the fight to secure cyberspace, and large companies also need to support smaller ones.
“The federal government is only one voice. We think it’s an important one, but we need states, we need governors, we need state CISOs [chief information security officers], we need large companies to all play an important role in bringing along the small and medium-sized companies to get them to the security level that is required,” he said. “In an age where everything is interconnected … we are always going to be susceptible to our weakest vendor or our most vulnerable supplier. So, the more that we can do to raise that baseline, the stronger we’re all going to be.”
Wales’ talk is the latest in a number of recent events hosted by the McCrary Institute on cybersecurity and election security. Videos of recent events can be found here.