What does a second Trump term mean for the future of ransomware?

The US government has made great strides over the past four years in the ongoing battle against the “scourge of ransomware,” as President Joe Biden has described it.

Early in his term, Biden and his administration quickly declared ransomware a national security threat, opening up new powers for the military and intelligence agencies. Since then, the United States has successfully disabled ransomware infrastructure, recovered millions in ransom payments, and targeted some of the most notorious ransomware operators through indictments and sanctions.

Despite the government’s recent enforcement crackdown, the number of cyberattacks targeting US organizations continues to rise, and 2024 is set to be another record year for ransomware. This means that when President-elect Donald Trump takes office again in January, he will also inherit a major ransomware problem.

While it is difficult to predict what cybersecurity policy could look like in the next four years, the industry overall is preparing for change.

“It’s difficult to say what will happen to policy and regulation in the future, as there are so many layers and players involved in the change,” Marcin Kleczynski, CEO of anti-malware giant Malwarebytes, told TechCrunch. “However, I know that cyberattacks will not stop, no matter who is in office,” Kleczynski said, citing ransomware as a major concern.

A mixed bag in the first term

From a cybersecurity standpoint, Trump’s first term as president was a mixed bag. One of Trump’s first (albeit belated) executive orders after taking office in 2017 required federal agencies to immediately assess cybersecurity risks. Then, in 2018, the Trump administration unveiled the US government’s first national cybersecurity strategy in more than a decade, ushering in more aggressive “name and shame” attribution policies and relaxing rules to allow intelligence agencies to “hack” adversaries through offensive cyberattacks.

In late 2018, Congress passed a law establishing CISA, a new federal cybersecurity agency charged with protecting America’s critical infrastructure. The Trump administration chose Chris Krebs as the agency’s first director, but the then-president summarily fired Krebs via tweet two years later for saying the 2020 election, which Trump lost, was the “most secure in American history,” in contradiction of Trump’s false claims that the election was “rigged.”

While cybersecurity has not featured heavily in Trump’s messaging since then, the Republican National Committee, which endorsed Trump for office, said during the 2024 election cycle that the next Republican administration will “raise security standards for our critical systems and networks.”

Expect a deluge of deregulation

Trump’s push to cut federal budgets as part of his pledge to reduce government spending has raised concerns that agencies may have fewer resources available for cybersecurity, which could make federal networks more vulnerable to cyberattacks.

This comes at a time when American networks are already under attack from hostile countries. This year, federal agencies warned of the “widespread and unrelenting threat” posed by Chinese-backed hackers, and recently raised the alarm over the successful infiltration of several US telecom providers to access real-time call logs and text messages.

Project 2025, a detailed blueprint written by the influential conservative Heritage Foundation, which is said to be a “wish list” of proposals to be taken up during Trump’s second term, also wants the president to pursue legislation that would dismantle the entire Department of Homeland Security and shift CISA to operate under the Department of Transportation.

Lisa Soto, a partner at US law firm Hunton Andrews Kurth, told TechCrunch that deregulation will be an overarching theme of the Trump administration.

“This may impact CISA’s role in shaping cybersecurity regulations for critical infrastructure, which could lead to a focus on self-regulation,” Soto said.

Referring to new guidelines proposed by CISA in March that would require critical infrastructure companies to disclose breaches within three days starting next year, Soto said the so-called CIRCIA rules “may also be significantly revised to reduce requirements for reporting cyber incidents and related obligations.”

This could mean fewer data breach notifications required for ransomware incidents, and ultimately reduced visibility into ransom payments, which security researchers have long pointed to as a problem.

Alan Liska, a ransomware expert and threat analyst at cybersecurity firm Recorded Future, told TechCrunch in October that much of the hard work the United States has done over the past four years, including creating an international coalition of governments that have pledged not to pay ransoms to hackers, could become an early victim of widespread government deregulation.

“President Biden’s Global Ransomware Task Force has accelerated a lot of law enforcement activity because it has opened up information sharing,” Liska said. “There is a high probability that that will go away, or at least that the United States will no longer be part of that,” he said, also warning of the risk of increased ransomware attacks as intelligence sharing declines.

Eye towards more turmoil?

With the focus on regulation reduced, Trump’s second term could pick up where he left off with offensive cyberattacks and employ a more aggressive approach in an attempt to address the ransomware problem.

Casey Ellis, founder of crowdsourced security platform Bugcrowd, says he expects to see an intensification of US offensive cyber capabilities, including increased use of hacking.

“Trump has a history of supporting initiatives that seek an outcome that deters enemies of the sovereign security of the United States,” Ellis told TechCrunch.

“I expect this to include the use of offensive cyber capabilities, as well as an intensification of the type of ‘hacktivist’ activities we have seen under the FBI-Department of Justice partnership over the past several years,” Ellis said, referring to the government’s disruption efforts against botnets, websites running DDoS, and malware operations in recent years. “The focus will remain on the type of ransomware, initial access medium, cybercrime infrastructure, and quasi-governmental operations previously targeted by the US government.”
