Ransomware continues to be the number one threat to the Five Eyes Matching Nation and is getting worse as financial gain is no longer the only motivation for threat actors.
Felicity Oswald, COO of the UK’s National Cyber Security Center (NCSC), said ransomware is getting worse in the UK, talking about how collaboration is important in the fight against ransomware. attack surface or methodology.
Oswald also emphasized that the motives of today’s cybercriminals are not just financial, some ransomware attacks are state-sponsored.
Representatives from the United States, Canada and Australia agreed with the assessment that ransomware is a major concern for most technologically advanced nations. The Five Eyes are Australia, Canada, New Zealand, the United Kingdom and the United States, who share extensive information with each other.
Rita Erfurt, senior executive for threat intelligence at the Australian Cyber Security Center (ACSC), noted that the large-scale incidents affecting Australian organizations are having an eroding impact on trust and confidence in the country’s digital economy. bottom.
“Ransomware is the most devastating cybercrime facing Australia,” she said.
Healthcare, education, and other critical public services have become lucrative targets in recent years, highlighting the indiscriminate nature of ransomware threat actors.
Sami Khoury, director of the Canadian Cyber Security Center, referred to the incident in Canada. children’s hospital was hit by a cyberattack, bringing down multiple network systems.
cyber security strategy
All country representatives speaking at the panel said cybersecurity strategies were under consideration or had recently been published.
In Australia, a new strategy is being developed to set the country’s cybersecurity priorities for 2023-2030.
For Canada, the current cybersecurity strategy dates back to 2018 and is currently under review, and Khoury expects the document to be completed in the summer of 2023.
Meanwhile, the UK’s NCSC will release its Cybersecurity Strategy in December 2022, and the US government’s National Cybersecurity Strategy will be released by the White House in March 2023.
On ransomware, Rob Joyce, director of cybersecurity at the National Security Agency, highlighted the US strategic approach to ransomware.
“The first is to use law enforcement and other authorities to investigate ransomware crimes and disrupt ransomware infrastructure. The third is to address the abuse of cryptocurrencies to launder ransomware payments, and the fourth is to disrupt the ransomware ecosystem. It is about leveraging international efforts to bring about a positive impact,” Joyce outlined.
Mandatory reporting
The group was keen to highlight the need for organizations to share breach data with government agencies, but approaches to mandatory reporting vary.
“Information sharing continues to be our biggest challenge,” noted Khoury, speaking of the need for compromised organizations to share information with state agencies. Canada currently has no mandatory reporting authority.
In the United States, the Critical Infrastructure Cyber Incident Reporting Act of 2022 requires critical infrastructure organizations to report malicious activity to CISA.
In the UK, certain organizations are legally required to report a cyber breach to the Information Commissioner’s Office (ICO) within 72 hours of the incident. NCSC is not a regulatory body, but works closely with ICOs.
This is also the case in Australia, where there are no comprehensive regulations, but reporting is mandatory for critical national infrastructure organizations.
“I think we need a balance. The challenge for all of us is to balance what is mandated and what is encouraged. , the public sector, and the CNI,” said Oswald.
“From the ACSC’s perspective, it is important that as many organizations as possible voluntarily make their own and personal reports, as it allows us to put together a very comprehensive threat landscape,” said Erhart. increase. “The more we can encourage people to report to us about what they are experiencing, the more we can turn that information around and advise the Australian community.”
The Canadian government recently introduced legislation to Congress that would support creating its own mandatory reporting requirements for federally regulated sectors.
