The Biden administration is working aggressively to enlist tech companies to help fight hackers and ransomware attackers, saying a cybersecurity public-private partnership is the best way to protect America’s critical infrastructure.
Cybersecurity and Infrastructure Security Agency Director Jen Easterly is touting the administration’s new Joint Cyber Defense Collaborative (JCDC) as a model for how the government expects to proactively defend water systems, pipelines, 5G networks and other mainstays of modern life against attacks before they occur.
“We’re already yielding positive results, we’re validating and sharing information across broad swaths of partners in multiple sectors and producing measurable mission impact,” Ms. Easterly said this week at a House Homeland Security Committee hearing. “Last month, we utilized JCDC partner information with FBI and [the National Security Agency] to develop and issue joint guidance against BlackMatter ransomware that critical infrastructure entities are actively using to protect themselves.”
By teaming up with technology companies, however, the administration allies itself with some Tech Giants that lawmakers, regulators, and state governments want to rein in with antitrust lawsuits and other actions.
The Biden administration announced in August that it recruited private tech companies — including prominent players like Amazon, Google and Microsoft — for its JCDC team. Approximately 150 companies have offered to join the effort, said Ms. Easterly during a Thursday conversation with investment firm NightDragon.
BlackMatter ransomware was viewed by cybersecurity experts as a successor to the DarkSide ransomware attackers that gained attention for hitting major U.S. fuel provider Colonial Pipeline earlier this year. The attack on the pipeline resulted in gas lines and panic on the East Coast.
Software company Emsisoft said in October that it discovered a flaw in BlackMatter ransomware that allowed Emsisoft to help victims recover their information from attackers without paying a ransom. The company said it quietly disclosed its decryption capabilities with trusted partners and law enforcement agencies as it responded to attacks, and Emsisoft threat analyst Brett Callow publicly thanked Ms. Easterly for her team’s assistance.
The battle against BlackMatter yielded some successes but it is unclear how long any triumph will last. when word of the action undermining BlackMatter became public, reports spread this week that BlackMatter was shutting down. Some affiliates of the ransomware gang have started moving elsewhere so they can continue to extort victims, according to tech publication Bleeping Computer.
Some tech companies’ employees are averse to working with any government.
Ms. Easterly told Congress she wanted to create a working environment where the government and private sector work hand-in-hand on cybersecurity and “fundamentally shift the paradigm from a public-private partnership into public-private operational collaboration.”
In August, Ms. Easterly’s agency said the first companies to participate in the JCDC included Amazon Web Services, AT&T, Crowdstrike, FireEye Mandiant, Google Cloud, Lumen, Microsoft, Palo Alto Networks and Verizon. The government agencies working with the companies included CISA, U.S. Cyber Command, Department of Defense, FBI, the Office of the Director of National Intelligence, NSA, and the Justice Department.
Ms. Easterly told Congress that the government’s first partners were selected “because they afford global visibility into infrastructure that the government doesn’t have and shouldn’t have.”
Ms. Easterly explained at the Thursday event that she did not think the intelligence agencies should have unfettered visibility into domestic infrastructure operated by the private sector.
“You don’t want the intel community to see the dots on domestic infrastructure,” she said. “What you do want is a partnership between the federal government and private industry that has incredible visibility by virtue of being the technology platform and can provide us information about trends and incidents in an anonymized way that protects privacy but gives us an ability to see those dots, connect those dots, and because of that infrastructure to drive down risk at scale.”
The administration’s public-private partnership against cyber crime contrasts sharply with China’s policies that leverage military-civil fusion. China compels companies to assist in government actions.
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.