Government Tries to Play Catch-Up Against Fast-Moving Cyberattacks

July 29, 2021 by Tom Ramstack
Government Tries to Play Catch-Up Against Fast-Moving Cyberattacks

WASHINGTON — Congress took a stab Thursday at improving the nation’s cybersecurity as the federal government mobilizes more resources against ransomware and hackers.

Both President Joe Biden and members of a House Homeland Security subcommittee described threats to U.S. computer systems as a potentially devastating economic risk.

“The number of high-profile cyber incidents over the past year has emphasized just how essential cybersecurity has become,” said Yvette Clarke, D-N.Y., chairwoman of the cybersecurity, infrastructure protection and innovation subcommittee.

Her subcommittee held its hearing on recruiting more cybersecurity personnel one day after Biden signed a national security memorandum that seeks to protect critical infrastructure.

It orders the Departments of Homeland Security and Commerce to develop “cybersecurity performance goals for critical infrastructure.” It also establishes an industrial cybersecurity control system.

Even as the president announced the initiatives, Biden administration officials acknowledged they were voluntary, potentially leaving security gaps that could be exploited by hackers.

A recent report by the cybersecurity firm Sonicwall found that ransomware attacks in North America increased 158% between 2019 and 2020.

Another recent report by the computer security firm Comparitech said cyberattacks against U.S. government organizations affected 71 million Americans and cost more than $18 billion in downtime and recovery.

Examples discussed at the congressional hearing included the SolarWinds and Colonial Pipeline cyberattacks.

SolarWinds was a Russian cyber spying attack against 18,000 computer networks operated by the U.S. and foreign governments as well as public policy foundations.* It exposed sensitive information that government officials are still trying to track down.

The Colonial Pipeline attack was a ransomware demand in May by Russian-based thieves against an oil pipeline system that originates in Houston and carries gasoline and jet fuel mainly to the Southeastern United States. It shut down computerized equipment managing the pipeline for six days until company officials paid a $4.4 million ransom in Bitcoin.

Clarke cited a report saying the United States fell short of its need for a skilled cybersecurity workforce to counter the attacks by about 460,000 personnel.

“We will need a multi-pronged approach that focuses on training the cybersecurity workforce of the future in schools and universities, re-skilling existing workers for the jobs that are currently available and making sure we have the right training in place” for a variety of challenges, she said.

Several bills are proposed in Congress that would increase federal funding for cybersecurity education and training.

“Quite simply, we will continue shouting into the wind until we fix these issues,” said Rep. Andrew Garbarino, R-N.Y.

Much of the discussion among witnesses at the congressional hearing was directed at the best strategy for achieving the workforce lawmakers want.

Tony Coulson, a professor of cybersecurity for California State University at San Bernardino, suggested wider use of apprenticeships by government agencies.

“I think the apprenticeship model has been incredibly underused,” he said.

The training would not require four-year college degrees but shorter, more-targeted educational programs like the ones offered at community colleges.

“I think community colleges in general are really an economic engine,” he said.

Max Stier, president of government workforce development organization Partnership for Public Service, said increased federal spending would be vital.

“We need to get more young people in government” handling cybersecurity, he said.

He recommended the U.S. government act promptly amid increasing threats of cyberattacks.

“By the time you get where you think you need to be, you’re already behind the curve,” he said.

Another breach of cybersecurity was revealed Thursday by Comparitech.

“A mysterious marketing database containing the personal details of an estimated 35 million people was exposed on the web without a password,” the security firm said on its website. “The database included names, contact information, home addresses, ethnicities and a wealth of demographic information ranging from hobbies and interests to shopping habits and media consumption.”

A+
a-

Corrections

* According to the Cybersecurity and Infrastructure Security Agency, of the 18,000 customers that downloaded an affected version of the SolarWinds Orion software "a much smaller number have been compromised by follow-on activity on their systems."

  • Biden administration
  • cyberattacks
  • Department of Commerce
  • Department of Homeland Security
  • House Homeland Security subcommittee
  • Yvette Clarke
  • In The News

    Health

    Voting

    Cybercrime

    April 29, 2025
    by Tom Ramstack
    FBI Reports Sharp Increase in American Cybercrime Victims

    WASHINGTON — The FBI’s new Internet Crime Report released last week shows Americans lost $16.6 billion to cybercrime in 2024... Read More

    WASHINGTON — The FBI’s new Internet Crime Report released last week shows Americans lost $16.6 billion to cybercrime in 2024 despite an intensified government effort to stop it. The losses were up by one-third from a year earlier.  Fraud was the most common crime, particularly among... Read More

    March 10, 2025
    by Dan McCue
    Cyberattack Puts X on Ice as Social Media Platform Suffers Multiple Outages

    WASHINGTON — If at first you don’t succeed, hit retry and retry and retry again. That was the message from... Read More

    WASHINGTON — If at first you don’t succeed, hit retry and retry and retry again. That was the message from Elon Musk’s X as the social media platform experienced multiple outages on Monday. Musk attributed the outages to a "massive" and unusual cyberattack. “We get attacked... Read More

    The US and Microsoft Disrupt a Russian Hacking Group Targeting American Officials and Nonprofits

    WASHINGTON (AP) — A hacking group tied to Russian intelligence tried to worm its way into the systems of dozens... Read More

    WASHINGTON (AP) — A hacking group tied to Russian intelligence tried to worm its way into the systems of dozens of Western think tanks, journalists and former military and intelligence officials, Microsoft and U.S. authorities said Thursday. The group, known as Star Blizzard to cyberespionage experts,... Read More

    June 24, 2024
    by Tom Ramstack
    Russian Software Company Sanctioned as US Warns of Espionage Threat

    WASHINGTON — The U.S. Treasury Department on Friday sanctioned a Russian software company that sells antivirus and cybersecurity software in... Read More

    WASHINGTON — The U.S. Treasury Department on Friday sanctioned a Russian software company that sells antivirus and cybersecurity software in the United States, some of it to government agencies. The Treasury Department said it found links between Kaspersky Lab and the Russian military indicating the software... Read More

    October 7, 2023
    by Dan McCue
    Hackers Access DC Voter Records

    WASHINGTON — Hackers breached the District of Columbia's Board of Elections website on Thursday, gaining access to 600,000 "lines" of... Read More

    WASHINGTON — Hackers breached the District of Columbia's Board of Elections website on Thursday, gaining access to 600,000 "lines" of U.S. voter data, including D.C. voters reports, city officials said. Sarah Winn Graham, the spokeswoman for the board, said a hacking group known as RansomVC claimed... Read More

    July 18, 2023
    by Tom Ramstack
    Congress Told AI Holds Great Risks and Benefits for US Military

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it... Read More

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it falls behind in developing the technology but a bright future by taking the lead. One of the greatest risks would be defending against a foreign enemy... Read More

    News From The Well
    scroll top