Biden administration says partnering with private sector will better prepare for next cyberattack


Biden administration officials said Wednesday that the United States is now in a better position to respond to cyber chaos like the SolarWinds hack and the ransomware attack on the Colonial Pipeline due to the government’s new partnerships with the industry. private.

Eric Goldstein of the Cybersecurity and Infrastructure Security Agency told lawmakers that the Joint Cyber ​​Defense Collaborative puts potential targets in a better position to mitigate risk and share information before a cyberattack happens, rather than to wait for an attack to occur.

The JCDC, formed last year, has teamed up with national security and law enforcement agencies along with the private sector to fight hackers and ransomware attackers.

“If another incident like the compromises affecting SolarWinds Orion, Microsoft Exchange Server or Colonial Pipeline were to occur, the strengthened connective tissue between our partners will allow for a more unified response,” Mr. Goldstein said in written testimony to the House Homeland Security Committee. .

The Biden administration has said Russia was responsible for the SolarWinds software hack that compromised nine federal agencies, and the federal government has identified China as behind the Microsoft Exchange Server hack.

The Colonial Pipeline ransomware attack that disrupted the flow of fuel on the East Coast last year was linked to cybercriminal gangs, which victimized Americans across the country. The FBI’s 2021 Internet Crime Report, released last month, showed that complaints of Internet crimes increased by 7% last year compared to 2020 and that the corresponding crimes cost victims an estimated sum of over $6.9 billion.

The FBI is among the primary cyber-operational agencies of the JCDC alongside CISA, the National Security Agency, and the US Cyber ​​Command. Mr. Goldstein touted the cyber officials of these agencies working with America’s biggest tech companies, the energy sector and financial institutions as making the JCDC’s damage mitigation efforts a success.

The difference between the old model of cybersecurity and the one the federal government is currently pursuing is removing barriers to sharing the information that government and business collect. Deputy National Director of Cybersecurity Robert K. Knake told lawmakers that instead of having meetings between government and business officials, there is now “operational collaboration” between defense officials in the government and business.

“People at large corporations, systemically important entities, can engage with the private sector, with government, and can do so in real time from their workplaces,” Knake said during the briefing. Wednesday’s Homeland Security Committee hearing. “It’s a huge leap that the JCDC has really enabled over the last year and we’re really seeing the benefits of this maturation as we take on the Russian threat.”

The Biden administration has continually called for vigilance to counter Russia’s cyber threats to critical infrastructure involving things like power, communications and banking, amid Russia’s invasion of Ukraine.

The worst fears of cybersecurity professionals have not materialized and some experts are not noticing any change at all. For example, the cyber threat environment for financial institutions hasn’t changed much for those physically removed from the Russian invasion, according to Steven Silberstein, CEO of the Financial Services Information Sharing and Analysis Center.

“As I speak, the financial sector has not experienced an increased level of cyberattacks directly attributable to Russia,” Silberstein told the Homeland Security Committee on Tuesday. “We are still monitoring the continued background noise of low-level cyberattacks and reconnaissance missions, however, outside of the conflict zone, we are not seeing any significant increase in attacks attributable to any specific geography or threat actor. .”


Comments are closed.