By Tom Still
MADISON, Wis. – Among the long list of uncertainties surrounding the presidential transition is how the nation weathers a growing cybersecurity storm over the coming months.
President Trump’s firing of Chris Krebs, the widely respected cybersecurity chief within the Department of Homeland Security, won’t help.
Krebs was fired because he made the mistake of calling the 2020 election “the most secure in American history,” which doesn’t fit Trump’s narrative to the contrary. Putting aside the election and any major security breaches, real or imagined, the U.S. business and healthcare communities are cringing over how the world’s crooked cyber-mice might play now that a trusted cat is away.
Republican members of Congress have been among those to praise Krebs, a former Microsoft executive who led that company’s cybersecurity policy team before joining the Trump administration in 2018. The list includes U.S. Rep. Mike Gallagher, the Green Bay Republican who serves on the House Homeland Security Committee and its Cybersecurity and Infrastructure Security Subcommittee. Gallagher has co-sponsored four cybersecurity bills.
“Chris Krebs did his job and he did it extremely well,” said Gallagher, something of a cyber-security hawk when it comes to foreign and domestic attacks on the nation’s digital infrastructure. “The country is safer and our elections more secure from foreign interference because of (Krebs’) leadership …”
In part because the COVID-19 pandemic has put stress on businesses, government and other institutions, cyberattacks are on the rise. They are more sophisticated than ever before, with successful ransomware attacks alone taking place every 10 seconds around the world.
Because the pandemic has forced organizations to make rapid changes to business structures, it can lead to gaps in information technology systems. These gaps give cybercriminals the chance to exploit security flaws and to infiltrate networks.
What is ransomware? In general, it’s a type of malicious software designed to block access to a computer system until a sum of money is paid. Experts say that if everyone who is subject to a ransomware attack attach refused to pay, it might simply go away. But that’s not what some nervous companies and institutions are doing.
Particularly vulnerable are health care systems, which are being hampered at precisely the time the nation needs them most.
It was reported recently by xtelligent Healthcare Media that the FBI is investigating a wave of cyberattacks, including Ryuk ransomware and Trickbot malware, that are targeting American hospitals, health systems and other providers. Bring down a hospital’s electronic health records system and innocent people might die, which makes the trend that much more reprehensible.
Ransomware is not the only way cyber-crooks make their money. Writing a few weeks ago for the Wisconsin Technology Council, the managing partner of Aberdean Consulting noted that phishing and spoofing messages had more than doubled in a month and a half.
“Microsoft Cloud accounts are a treasure trove for cybercriminals looking for sensitive organization data,” Aberdean’s Jim Blair wrote. “Attackers use email-based phishing or spear-phishing attacks, automated credential stuffing, or ‘brute force’ password guessing attacks. The dark web contains 9 billion compromised user passwords that hackers are using.”
Blair went on to note that 99% of email attacks are preventable with multi-factor authentication, which should be better utilized by more companies. Krebs once wrote a column that was headlined, “Turn on MFA Before Crooks Do It For You.”
Winter is coming, the COVID-19 pandemic is raging on and cyber-criminals are more focused on the United States than any other nation. It’s not that Chris Krebs would have been retained by the Biden administration, but was this a smart time to fire the guy at the head of the nation’s cybersecurity pyramid along with key members of his team? That answer is a resounding “no.”
Still is president of the Wisconsin Technology Council. He can be reached at email@example.com.