Cybersecurity-a concept we hear mentioned frequently, especially in this period of rapidly emerging threats-is an ever-evolving concept. Maintaining an effective cybersecurity posture requires constant vigilance as new threats emerge and old ones return.
Too often, however, when we hear about the importance of cybersecurity, we are left without concrete steps to take to ensure our systems are best positioned to defend against emerging threats.
One of the goals of today’s hearing is to learn about real, tangible measures the government can take to ensure its IT security systems are appropriately reinforced to defend against new and emerging threats, including novel and sophisticated ransomware threats.
The specific focus of today’s hearing will be the recent WannaCry ransomware attack, a new type of ransomware infection, which affected over one million unique systems last month in a worldwide attack that impacted nearly every country in the world. Although the concept of ransomware is not new, the type of ransomware employed by WannaCry was novel.
WannaCry worked by encrypting documents on a computer, instructing victims to pay $300 in Bitcoin in order to regain access to their user’s documents.
Unlike typical forms of ransomware, however, WannaCry signaled the ushering in of a new type of worming ransomware, which caused the attack to spread faster and more rapidly with each new infection. In light of the novelty built into WannaCry’s method of attack, cybersecurity experts, including those we will hear from today, have expressed significant concerns that WannaCry is only a preview of a more sophisticated ransomware infection that many believe will inevitably be launched by hackers in the near future.