DOJ's Colonial Pipeline presser appears ready to start.
Lisa Monaco: "The Department of Justice is announcing a significant development in the ransomware attack on the Colonial Pipeline."
Monaco: "The sophisticated use of technology to hold businesses, and even whole cities hostage for profit is decidedly a 21st century, challenge, but the old adage, follow the money still applies. And that's exactly what we do."
Monaco: "After colonial pipelines quick notification to law enforcement and pursuant to a seizure warrant...the Department of Justice has found and recaptured the majority of the ransom Colonial paid to the DarkSide network in the wake of last month's ransomware attack "
Paul Abbate: "Today, the FBI successfully sees criminal proceeds from a Bitcoin wallet that dark side ransomware actor is used to collect a cyber ransom payment from a victim."
The press conference still hasn't been clear who, exactly, was served with the warrant.
Abbate: "Today we deprived, a cyber criminal enterprise of the object of their activity."
Stephanie Hinds: "New financial technologies that attempt to anonymize payments will not provide a curtain from behind which criminals will be permitted to pick the pockets of hardworking Americans. "
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Any minute now, the House Homeland Security Committee will host a critical infrastructure cybersecurity hearing with Joseph Blount, president and CEO of Colonial Pipeline.
THREAD
Chair Bennie Thompson calls the system of (largely) voluntary cybersecurity guidelines in critical infrastructure into question.
Thompson: I hope colonial will use the recouped money to make necessary improvements in its cybersecurity.
I had a thread yesterday about why banning payment of ransomware is not an easy solution to the problem
Just to go through some of the other policy options that are worth considering or combining into a comprehensive package:
One idea is to impose know-your-customer laws and mandatory intervention with warrants on cryptocurrencies sold on legitimate exchanges.
It would help recover funds and impose an extreme cost on criminals trying to stay anonymous.
Speculators would super hate it.
There are international diplomacy angles - increasing cooperation between the United States and traditional havens for ransomware gangs. Obviously, this would be incomplete without Russia and could escalate to sanctions.
With respect to Chris Vickery and other people who've made this suggestion, it's not that easy.
Illegalizing ransoms is actually something with historic precedent. It's shown success against kidnappings in the past
But here's the thing...
In either case, countries find it extreme to penalize victims being coerced. Many will still pay - just illegally - which means they won't disclose to law enforcement, regulators or customers. And there are situations, like hospitals, where you may actually want people to pay.
CISA leadership will be testifying before the House Appropriations Committee's Homeland Subcommittee in about an hour about "Modernizing the Federal Civilian Approach to Cybersecurity."
I'll be live-tweeting it. 🧵
Interesting notes to consider in advance.
- Brandon Wales will testify as Acting Director.
While the Biden administration has discussed a task force in the wake of Hafnium, there's no confirmed CISA director, someone you'd expect on the task force.
Eagle-eyed readers will notice I've deleted and reposted that tweet twice after misspelling "Interesting" in two different ways.
The interesting thing about gaffs is not that they happen.
They happen to everyone. Today, I forgot the word acronym. What's interesting is how the ones that stick are ones that confirm what people already suspect about the person who said them.
That's not to say legitimately not knowing something important isn't a problem. But if you give 4 hours of speeches a day, you're going to trip over words.
Yet no one honestly thought Obama didn't know how many states there were when he said he visited 53 of them.
Trump was unique in that regard: To the best of my knowledge, he is the only president to claim the facts change to justify a gaffe. Saying "covfefe" was intentional, altering weather maps to show Alabama would be hit by Hurricane Dorian, claiming he said "Tim from Apple".