General Paul M. Nakasone, the commander of US Cyber Command, stated at the latest national security incident that the organization has commenced taking direct action targeting multinational ransomware organizations as part of a much bigger campaign to reduce attacks on American businesses and infrastructures.
During his speech at the Reagan National Defense Forum, a gathering of national security experts conducted on Saturday, the General highlighted that the department is working in conjunction with the NSA, FBI, and other federal organizations.
Following the event, he told The New York Times that Cyber Command's current aim is to "understand the adversary and their insights better than we've ever understood them before."
The nation's cyberspace defense authorities began a campaign targetting ransomware threats from organized criminal rings around nine months ago, long before high-profile cases such as the Colonial Pipeline closure demonstrated how badly ransomware assaults might impair national and international infrastructure.
Whereas the General was tight-lipped about the specifics of currently underway and former counter-operations, prior reports indicated that Cyber Command was involved in both punitive actions, including those targeting Russian ransomware group REevil, and restoration efforts, such as those implemented by federal agencies following the Colonial Pipeline mishap. The latter resulted in the DOJ seizing and recovering the "majority" of the ransom paid to the DarkSide ransomware group.
All such efforts are part of a greater effort called for by a presidential executive order signed in May of this year. The 2021 legislation mandated a broad governmental transition to security measures such as mandatory two-factor authentication, zero-trust principles, and the establishment of a new Cybersecurity Safety Review Board.
At a recent presentation, the Chief of Cyber Command emphasized the need for "speed, agility, and unity of effort". He stated that all these three criteria were critical in confronting threats, regardless of whether they originated from nation-states, proxies, or independent criminal organizations. In the future, Nakasone hopes to see a federal push for a "whole-of-government effort."
Diplomatic outreach activities, as well as an extended and globalized focus on defending critical infrastructure resources, are seen as critical steps towards saving the nation from ransomware cyberattacks as well as other cyber invasions, according to the General.
