Resources
In The News

Improving National Defense Against Ransomware Rick Crawford Commentary

Jun 15, 2021
In The News

Improving National Defense Against Ransomware

Written by Rep. Rick Crawford
Published by Arkansas Business

Ransomware computer crimes have been around for a number of years, but recent attacks have put them squarely in the headlines. America is under attack, and these recent high-profile hits have amplified the urgency and resolve needed from both government and the private sector if we are to respond effectively.

It’s an infuriating crime: cybercriminals infiltrate a vulnerable computer system, then copy and also encrypt the data, rendering the victim’s affected computer system inoperable. The criminals offer to undo the damage if a ransom is paid. The victimized company often pays the ransom, hoping the hackers keep their promises. (There will be congressional hearings this summer examining the controversy around paying ransoms to computer blackmailers.)

Whether the victim is a business, school district, hospital, or county government — all of whom have been recent targets — the disruption of a ransomware attack can be crippling to that entity and to those it serves. But in recent weeks, ransomware attacks have hit companies that are part of our nation’s critical infrastructure — energy in the Colonial Pipeline attack, and agriculture in the JBS Foods attack. These have outsized impact on our country, as we saw with gas shortages along the East Coast, disruption to our food supply chain, and, of course, higher prices for the affected products.

Folks probably get tired of hearing me say it, but food security is national security, and our food supply is critical infrastructure.

From my positions on the House Agriculture Committee and the House Permanent Select Committee on Intelligence, I have seen shortcomings in assessment and communication of threats to our food supply among the intelligence community (IC), the U.S. Department of Agriculture (USDA), and the agriculture industry. The USDA has not been equipped with the tools it needs to secure our food supply chain from threats, including cyberthreats.

To address this, I introduced last year (along with Sen. Tom Cotton, R-Arkansas, in the Senate) the Agriculture Intelligence Measures Act (AIM Act), which would set up clear lines of communication, along with a new position at USDA to coordinate the dissemination of threats and best practices in securing our critical food and fiber supply chains. The trick is to leverage the cyber-expertise of the IC, while allowing the subject matter experts at USDA to manage the particular threats to our agricultural infrastructure that USDA best understands.

Like any large organization, the federal bureaucracy is subject to turf battles among its various agencies and sectors, particularly since cyber-defense is a relatively new phenomenon in a government organized before computers existed. While Congress can write laws delineating chains of command, it requires strong executive leadership direct from the White House to ensure that response effectiveness is not undermined by agencies muscling for power and position within the federal bureaucracy.

The government must improve oversight of critical industries’ defenses against and resilience after a cyberattack. Businesses will have to employ best defensive cyber-practices across the board, and not let cost-cutting measures, or complacency, compromise the security of their computer systems and data.

We must also create more efficient structures for collaboration between government and the private sector. This includes facilitating collaboration among companies — including competitors — to share threat assessments and defensive measures. Collaboration requires guardrails to protect business and investigative secrets, as well as citizen privacy; but it makes no sense for each entity to be siloed when the threats affect all of us.

As we look to implement measures comparable to the AIM Act to protect other critical infrastructure, we must recognize that defensive measures alone are not enough. Our nation must also go on offense against cybercriminals. Here, the collaboration we need is among nations, rooting out these criminal entities that are dispersed around the world.

It also means confronting our adversaries who tolerate, or actively assist, cybercriminals within their borders. This means diplomacy — including the upcoming summit between President Joe Biden and Russian leader Vladimir Putin — plus State Department and FBI engagement with nations around the globe.

And when those efforts prove insufficient, our Pentagon and IC must be empowered under the president’s command to inflict proportional damage on those nations who harbor or actively assist the cyberterrorists targeting America. Just as Iran has seen a series of computer “mishaps” over the years slowing its pursuit of nuclear weapons, it is time for our cyber-adversaries to face the kinds of disruption we have been facing.

Whether it be economic sanctions or counterattacks, our adversaries must see increased costs associated with their hostile acts against us.

Even amidst our stark political differences, cybersecurity can and should be an opportunity to work together in true bipartisan fashion to develop strong and effective measures to confront these attacks.

And it will require ongoing vigilance by all of us who work with computers. It can seem a daunting task, which is why my office is putting together a briefing to help Arkansas businesses get a handle on the cyberthreats they face and learn how to develop and implement a plan to enhance their security. We’re looking to have public and private sector experts join us for this free educational program later this year. Stay tuned.

Recent Posts

Jul 1, 2024
Press

Rep. Crawford Statement on SCOTUS Decision in Trump v. United States

FOR IMMEDIATE RELEASE Contact: Sara Robertson (Sara.Robertson2@mail.house.gov) Rep. Crawford Statement on SCOTUS Decision in Trump v. United States 7/1/2024 Washington, D.C. — Representative Rick Crawford (AR-01) released the following statement after the U.S. Supreme Court’s decision in Trump v. United States. “The SCOTUS decision today confirms that a President is immune from criminal prosecution for official acts within his […]

Jun 27, 2024
Economy

Steel Caucus Voices Concerns of Potential Trade Status Change for Vietnam

FOR IMMEDIATE RELEASE Contact: Sara Robertson (Sara.Robertson2@mail.house.gov) Steel Caucus Voices Concerns of Potential Trade Status Change for Vietnam 6/27/2024 Washington, D.C. – 37 Bipartisan Members of the Congressional Steel Caucus, led by Chairman Rick Crawford (AR-01) and Vice Chairman Frank Mrvan (IN-01) sent a letter to the secretary of commerce, Gina Raimondo, expressing concern about the department’s reconsideration […]

Jun 18, 2024
Immigration

Rep. Crawford’s Statement on Biden’s Mass Amnesty Order

FOR IMMEDIATE RELEASE Contact: Sara Robertson (Sara.Robertson2@mail.house.gov) Rep. Crawford’s Statement on Biden’s Mass Amnesty Order 6/18/2024 Washington, D.C. — Representative Rick Crawford (AR-01) released the following statement regarding President Biden’s plan to grant amnesty to hundreds of thousands of illegal immigrants.  “With illegal immigration soaring under President Biden’s open-border policies, straining law enforcement, public services, and resulting in […]