Forge Institute Response to Recent Ransomware Attacks Against Major American Infrastructure

The ransomware attacks against Colonial Pipeline and JBS show a disparity in America’s private infrastructure cybersecurity capabilities. In a time where everything electronic in households is part of the Internet of Things (IoT), cybersecurity should be at the forefront of everyone’s mind from the presidential level down to the end-user. 

Ransomware is not an emerging threat. Its first documented use was in 1989 against the healthcare industry. Despite the continued trends of cyber attacks against our nation’s major companies, infrastructure, and national security interests, cybersecurity is viewed as an unnecessary expense. 

Advanced Persistent Threat (APT) actors continue to develop new intrusive and malicious tools to penetrate networks and systems. In a time where tools like APT33’s Shamoon virus (famously used against Saudi Aramco) and the Equation Group’s Stuxnet worm (famously used against industrial facilities in Iran) are over 10 years old, Ransomware should be an expected low-level tactic, technique, and procedure used by disruptive criminal groups. The real concern should be the future tools developed by APT’s who have capabilities similar to that of APT33 and the Equation Group.  The only way to combat the APTs is to have an equally innovative defensive cyber workforce.

The reality of these recent attacks is that it’s only the beginning. Without a rapid shift towards prioritization of funding, training, and development of cybersecurity professionals, America will crumble under advanced cyber attacks. Major infrastructure including power grids, dams, and water systems are all controlled by industrial control and supervisory control and data acquisition (ICS/SCADA) systems. A serious intrusion into any one of those could cause a crushing blow to critical American infrastructure and result in widespread panic from the American people. 

There are exponential ways to create a more secure cyberspace. The key ingredients are an investment in the professional development of IT and cybersecurity professionals, and an exceptional collaboration between private and public sector cyber and analytic professionals. Private and public sectors need to prioritize and implement them.