This browser does not support the Video element.
OAKLAND, Calif. - Some of the nation's top cybersecurity experts are preparing to meet at a hybrid convention next week in Las Vegas and online. The Black Hat 2021 event includes training and briefing sessions on cybersecurity topics and comes just one week after the Biden administration's announcement of new steps to protect U.S. infrastructure from cyber-attacks.
The U.S. does not have comprehensive cybersecurity requirements for most industries. The threat of attacks has been highlighted by recent incidents. In June, the meat-processing company JBS reportedly paid $11million in ransom after it was attacked. In May, Colonial Pipeline, which supplies about 45% of the fuel on the East Coast, reportedly paid more than $4million in ransom after a cyberattack. Even federal agencies such as the U.S. Treasury and Commerce departments have been targeted by hackers.
"It sounds really tempting to say no one should pay the ransom, but the reality is now these actors are targeting things like health care law enforcement, local governments, and those are things that you simply can't live without," said Craig Williams, director of Cisco's Talos Outreach security division.
Williams says in many cases, hackers might exploit simple weaknesses in government or company systems.
"You're going to see an attacker, particularly the advanced ones using only as much force it's absolutely necessary," said Williams, "A lot of the time you'll see more simplistic attacks, things that maybe should have been patched but were not patched because of priority or timing."
Some attacks, though, are more sophisticated.
"A zero-day exploit is what we would call it. It would be an exploit for a vulnerability that's unknown to the manufacturer. It's something that's new and people haven't seen it before, outside of the people who developed it," said Williams, "You can have a security device that has protection that may cover it, you can have endpoint protection that looks for exploit patterns that can defend against it, but that's the heaviest and most expensive hammer for our adversaries, and so it's one that they don't use unless they have to."
The Biden administration announced new measures this week to set up voluntary public-private partnerships to protect core sectors from hacking efforts, including threats coming from China and Russia which could escalate even to the point of war.
Williams says such collaborations are increasingly necessary.
"When we find these threat actors that no one else is aware of. We want to make sure that everyone can block it, because if we can get everyone to block those servers and everyone to not pay the actors, that helps drive those actors out of that business and into other areas where they're not hurting customers," said Williams.
Williams says Cisco and other companies have started incident response services to help businesses address the growing problem of ransomware attacks.
The Biden administration says its goal this year is to expand public-private partnerships beyond electricity utilities and gas pipelines to other sectors to create a more unified national cybersecurity response.
NATIONAL SECURITY AGENCY STATEMENT ON CYBERSECURITY PARTNERSHIPS:
BLACK HAT USA 2021
https://www.blackhat.com/us-21/