Written by Ayzel Lorelei Clarkson
The need to tighten cybersecurity strategy across public and private industries alike has never been more urgent. Case in point, a Fortune feature on cybersecurity shares that ransomware attacks negatively impacted 649 US critical infrastructure entities back in 2021. This includes the infamous Colonial Pipeline attack, which lasted nearly a week. Consequently, cybercrime prevalence has increased discussions on the measures that the US government has taken to mitigate cybercrime and boost national resilience.
Adopting the Zero Trust Strategy
As cyber threats continue to compound dramatically, the US Federal Government has resolved to allocate almost $20 billion to cybersecurity. One of the most awaited interventions comes in the form of the Cybersecurity and Infrastructure Security Agency (CISA) 2023-2025 Strategic Plan. The document details the government’s goals to improve the ability of federal systems to withstand sophisticated cyberattacks.
It must be noted that the Federal Civilian Executive Branch (FCEB) agencies have recognized the inadequacies of traditional security models, which is why the Department of Defense is adopting the Zero Trust (ZT) strategy. This security model requires verification from every entity or device that wishes to enter a network. By applying ZT across all military multi-domain operations, it can enhance data formats, secure points of origin, and vet data.
John Sherman, Chief Information Officer of the Department of Defense, states that implementing ZT can also streamline connected channels where data is shared and managed such as artificial intelligence.
Utilizing Artificial Intelligence
Building on the last point, artificial intelligence (AI) also plays a crucial role in circumventing cybercrime. According to a Federal Times cybercrime report, one of the most harrowing realities about today’s cybercrime landscape is that 95% of cybersecurity issues are a result of human error. As it stands, about 400,000 cybersecurity experts are required by private sectors to keep such threats under control.
The financial sector has proven to be particularly vulnerable against cybercrime. This is largely due to the fact that drug cartels and human traffickers have taken to online marketplaces and cryptocurrencies to refine their money laundering. Fortunately, law enforcement agencies are using AI and machine learning to assist banks in recognizing and reporting suspicious transactions.
Apart from that, AI is being utilized to minimize false positives. Currently, 95% of suspicious activity reports are false positives, which are detrimental to both the time and resources spent by authorities in prosecuting genuine risks. Because AI operates with large data sets, it can more accurately capture threats and reduce false alerts.
Enhancing Computer Forensics
Another technology that the US government has deployed against cybercrime is computer forensics. Maryville University’s post on future crimes explains that computer forensics is being leveraged to gather crucial evidence, and consequently, resolve criminal cases. Despite its ability to address crimes such as identity and financial fraud and security breaches, computer forensics can be challenging to adapt. As the technology requires highly specialized tools and techniques, it needs substantial funding from the government.
Currently, state and local law enforcement have prioritized educating state legislatures on the need for computer forensics labs. A 2020 Journal of National Security Law & Policy study titled ‘Challenges and Opportunities in State and Local Cybercrime Enforcement’ relates that state governments in particular have created digital forensic capabilities at state fusion centers. Although these centers can’t directly assist in cybercrime investigations, they can leverage grants from the Department of Homeland Security as seed money for advanced computer forensic tools.
Encouraging International Cooperation
To take further action against cybercrime, FCEB agencies are also encouraging international cooperation. For instance, the Department of Justice collaborated with similar agencies in other countries to circumvent the NetWalker ransomware which targeted the health sector. Around $500,000 in cryptocurrency was collected by authorities.
Interestingly, Anne Neuberger, a top cyber official at the National Security Council, addressed enterprises through an open letter back in 2021. In the letter, she urged companies to strengthen their security systems by creating backups, implementing multi-factor authentication, and segmenting networks. Alongside these strategies, Neuberger promised that the US federal government was currently working with global partners to prevent ransomware. One of the more notable efforts indicated by Neuberger is the development of policies towards ransom payments. Essentially, these would allow rapid tracing and intercept online currency proceeds.