Speaking at a conference this week, the Acting Assistant Secretary of Defense for Homeland Defense and Global Security warned that the Trump’s administration greatest challenges would be cybersecurity and critical infrastructure.
“The challenges with critical infrastructure, the electrical power grid, water, sewer and all of those things have significant challenges that we as a nation need to figure out,” Thomas Atkins said. Atkins’ position falls under the Department of Defense, but he works closely with DHS. “I think we’ve made some great progress over the last few years. There’s still a long way to go.”
Training continues to be a top priority for readiness, and annual exercises like CyberGuard try to keep security officials prepared for disasters and emergency scenarios.
“Cyber Guard is an exercise that talks about a domestic incident and how we, the Department [of Defense]—in concert with DHS and others—would respond to an event of that kind of significance. I would say that we are still working some of those planning and training and the exercising of that out, especially when you start talking about critical infrastructure.”
As reported in last week’s Intelligence Summary, critical infrastructure in the US continues to be targeted by both criminal and nation-state hacking groups.
San Francisco Metro Transit Authority hit hard with ransomware
News broke over the weekend that the San Francisco Metro Transit Authority had come under a ransomware attack when metro riders saw payment kiosks that read, “You Hacked. ALL Data Encrypted,” and contained an email address to contact. Ransomware has made numerous appearances in the EXSUM because not only has it been so effective at making money, but also because it’s struck some higher profile targets (like hospitals and schools, even). If this case is similar to previous cases involving the same ransomware, the cost could be over $73,000 (or roughly 100 bitcoins). Earlier this year, the Herjavec Group reported that the annual cost of ransomware, which encrypts computers until a ransom is paid, could approach a billion dollars in the US. This is the highest profile US target in recent memory.
We hope that the Trump administration does more to deter cyber attacks than the Obama administration has. We can maximize the federal and state cybersecurity budgets but until we control the root causes of cyber exploitation, especially from state-sponsored hacking groups, we’re going to face significant challenges and, ultimately, cybersecurity lapses and losses.