NSA chief predicts U.S. will face ransomware 'every single day' for years to come
The U.S. will have to contend with the threat of ransomware daily for at least the next several years, the leader of the country’s premier digital spy agency said Tuesday.
“Every single day,” Gen. Paul Nakasone, the director of the National Security Agency and the head of U.S. Cyber Command, answered during a discussion at the Mandiant Cyber Defense Summit in Washington when asked if the threat would persist for the next five years.
The U.S. has been rocked by a series of historic hacks over the past year, including ransomware attacks on the Colonial Pipeline and meat processing giant JBS. Meanwhile, more and more state and local governments are suffering debilitating seizures of their networks and systems unless a ransom is paid.
Nakasone said the recent chain of events changed his point of view that ransomware is a “criminal activity” best handled by the FBI.
“When ransomware starts impacting our critical infrastructure, it’s significant. If it isn’t important to U.S. Cyber Command and the National Security Agency — who are built for the express purpose of defending the nation — there’s something wrong there,” he explained.
“Ransomware is a national security issue. I firmly believe that.”
Last month the four-star said the agencies he helms would “surge” to combat the online menace.
Nakasone said that effort is “going on right now” across both entities in terms of understanding the threat, the tactics employed and how to get in front of the malicious cyber actors responsible. He did not provide any specifics.
Unlike other Biden administration officials, he declined to weigh in on the raft of cyber incident reporting bills that has been introduced on Capitol Hill in recent weeks.
Nakasone would only say that he agreed with CISA director Jen Easterly that such legislation is “an important piece to be able to understand what’s going on” and “greater visibility is critical for the nation.”
Martin Matishak is a senior cybersecurity reporter for The Record. He spent the last five years at Politico, where he covered Congress, the Pentagon and the U.S. intelligence community and was a driving force behind the publication's cybersecurity newsletter.