By Jeff Seldin
The United States is taking new steps to make sure the country’s air and surface transportation sectors will not be crippled by ransomware or cyberattacks.
Homeland Security Secretary Alejandro Mayorkas announced the measures Tuesday at a virtual cybersecurity conference, warning that recent incidents such as the SolarWinds hack and the Colonial Pipeline ransomware attack showed that “what is at stake is not simply the way we communicate or the way we work, but the way we live.”
The new security directives target what the Department of Homeland Security and the Transportation Security Administration describe as “higher risk” rail companies, “critical” airport operators, and air passenger and air cargo companies.
Mayorkas said that going forward, the rail companies will have to name a cybersecurity coordinator who will report any incidents and create contingency plans in the case of a cyberattack.
The aviation companies will also be required to appoint a cybersecurity coordinator and report incidents to the DHS’s Cybersecurity and Infrastructure Security Agency.
Similar cybersecurity directives are already in place for 2,300 critical maritime companies that, starting this month, will have to submit plans to identify and address cyber vulnerabilities.
The U.S. Coast Guard is also working with the International Maritime Organization to require that passenger and cargo vessels arriving in U.S. ports have plans to deal with cyber emergencies.
“Whether by air, land or sea, our transportation systems are of utmost strategic importance to our national and economic security,” Mayorkas said.
Spike in ransoms paid
Top U.S. officials, including Mayorkas and FBI Director Christopher Wray, have warned that cyberattacks and ransomware attacks, in particular, have become a persistent threat.
“Last year, victims paid an estimated $350 million in ransoms, a 311% increase over the prior year, with the average payment exceeding $300,000,” Mayorkas told U.S. lawmakers at a hearing last month.
“We’re now investigating over 100 different types of ransomware, each with scores of victims,” Wray added.
U.S. officials have blamed Russia for many of the attacks, saying that despite Moscow’s assurances, they have seen few indications the Kremlin is doing anything to address the problem.
Russian officials deny any role in the recent, high-profile ransomware attacks.
Speaking at a separate cybersecurity forum Tuesday, the head of U.S. Cyber Command warned the problem with ransomware is likely to persist.
“Our adversaries are targeting everyone,” General Paul Nakasone told the Mandiant Cyber Defense Summit. “What was once viewed as criminal behavior has become a national security issue.”
To help facilitate the fight against cyberattacks and ransomware attacks, U.S. lawmakers are considering several bills that would require private companies to report intrusions and attacks on the government.
“We’re optimistic the legislation will pass,” Mayorkas said Wednesday at the annual Billington CyberSecurity Summit.
“I think we’re at a point, seeing the arc of cybercrimes and the cyberthreats, that really there’s an urgency to it,” he said.