UPDATED 11:21 AM PT – Wednesday, November 17, 2021
The House Oversight and Reform Committee conducted a hearing on ransomware attacks. On Tuesday, committee chairwoman Carolyn Maloney said the U.S. is at a tipping point as cyber attacks become more common and severe.
According to the committee, ransomware attacks are a serious threat to the economy, public health, infrastructure and national security. Cyber attacks reportedly doubled since 2017 and have targeted private businesses, state and local governments, hospitals, school districts and emergency services.
“Several recent attacks have used a malicious software known as ransomware, which encrypts a victims system and demands a payment in exchange for restoring access or refraining from publishing stolen data,” explained Maloney. “This is especially dangerous because it can shut down an entire system and can cause chaos in a community, industry or even an entire country.”
The chairwoman cited last years cyber attack against Solar Winds by Russian hackers and questioned how the U.S. should respond if Russia fails to take action against cyber criminals. National Cyber Director Chris Inglis touched on the importance of Russia’s role in stopping hackers at the source.
“The strategy that I articulated earlier and that others have reflected actually says we can become a harder target, we can increase resilience and robustness, we can bring international coalitions to bare, we can find these transgressors not simply in Russia but as they travel to other countries or as they ship their illicit games across the internet,” he stated. “So all of those instruments should be brought to bare. We will continue to pressure the Russians very strongly to help them understand that they must do their part.”
This comes as several high-profile cyber incidents, including the ransomware attacks on the Colonial Pipeline and Kaseya, have highlighted the growing national security threat. The Justice Department seized more than $6 million from the Russian-linked REvil ransomware gang earlier this month and charged two individuals suspected of plotting cyberattacks.