Otterbourg litigator Bill Moran says the time is now for the Biden administration to bring about a collaboration with Big Tech companies – willingly or not – to protect U.S. national commerce and defense.
Moran, who chairs Otterbourg’s Crisis Management and Investigations Group, says it’s time to declare war on cybercrime. He shares his thoughts with Digital Journal.
Moran has had a significant increase in clients and potential clients in the private sector seeking advice about getting ahead of the cybercrime tidal wave (a term coined in a 2013 futurist article).
Moran begins with the recent recovery of the Colonial Pipeline ransom by U.S. authorities (as reported by Digital Journal), noting: “Seizure by the Justice Department of the majority of the bitcoin ransom paid by Colonial Pipeline is obviously what the Biden administration meant by ‘rapid tracing and interdiction of virtual currency proceeds’. This includes plans for backing up data with segregated systems, separating online corporate business functions from the production side of the business, establishing quick response security and continuity plans, and educating the workforce on proper cyberhygiene.”
The insurance sector remains jittery about the progress, Moran notes: “While the recovery of most of the Colonial Pipeline ransom is a stunning achievement for the newly formed Ransomware and Digital Extortion Task Force, it will not likely impact the insurance industry’s concerns. It appears that law enforcement was able to track the bitcoin to a digital wallet identified as connected to the ransom, which as described in the FBI agent’s affidavit supporting the seizure warrant was accomplished using a blockchain explorer searching the blockchain where ‘[a]ll Bitcoin transactions are recorded,’ and which is ‘visible online for everyone.’”
Furthermore, Moran notes that transparency is lacking: “As also explained in the warrant affidavit, the wallet was opened and the bitcoin was able to be seized by use of a digital ‘private key’ the task force obtained. It was not revealed in that affidavit how that private key was obtained.”
So what happened? According to Moran: “Given the nature of cryptocurrency it is unlikely it was obtained by brute force hacking by law enforcement. Most likely it was obtained by either a careless criminal through the FBI’s year-long surveillance of DarkSide, the Russian-based hacking group associated with the intrusion, or from a cooperating confederate of the group. As such, while laudable, this success may be unique, and therefore unlikely to relieve the increased vetting of customers by cybercrime insurers or the increasing costs. Accordingly, the need for U.S. businesses to increase cybersecurity measures and crisis preparedness will not soon abate.”
Yet there is more that needs to be done, as Moran explains: “While the Biden administration now has cybercrime at the top of its priority list, as far as government action is concerned it is unclear what is being done. So far all we have seen is the recent executive order to federal agencies and contractors to up their game on cybersecurity and the well-publicized warning in an open letter last week from the deputy national security advisor to American business to increase security measures.”
He adds that greater clarity is needed about what the U.S. government is planning. His point is: “The only action item the government has clued us in on in its efforts to combat ransomware, which was in that open letter, is an effort to enable the trading and interdiction from ransom payments, so as to ‘disrupt and deter.’ What that entails and what success has been achieved, however, is not yet known. As I have been stating for some time, until the Biden administration drafts U.S. Big Tech to join forces and aggressively turn the table on cybercriminals, it is very much every company for itself.”