The House Oversight Committee is about to convene a hearing on ransomware attacks with @ncdinglis, CISA's Brandon Wales, and FBI's Bryan Vorndran: oversight.house.gov/legislation/he…
Ahead of the hearing, House Oversight has released a staff memo on recent attacks: oversight.house.gov/sites/democrat…
Ahead of the hearing, House Oversight has released a staff memo on recent attacks: oversight.house.gov/sites/democrat…
House Oversight hearing on ransomware attacks is starting now:
I'll tweet highlights.
I'll tweet highlights.
“We are at a tipping point," House Oversight chair Carolyn Maloney says. "Cyberattacks have become more common and potentially more damaging."
“We cannot afford to let up on our efforts to ensure coordination of anti-ransomware efforts across the entire federal government and between the public and private sector," Maloney says.
Ranking member James Comer begins his opening statement by asking for more details about the FBI email system hack over the weekend, but then spends the rest of his statement hitting Biden over "radical left-wing policies," BBB spending, inflation, and illegal immigration.
Maloney responds to Comer, noting job creation and unemployment level. All this at a cyber hearing. Sort of a great metaphor for how cyber is often sidelined by higher-profile partisan issues.
"I find the word chutzpah, is appropriate at this moment," Gerry Connolly says of Comer's attacks on the Biden administration, given what he calls Republicans' lack of oversight of the Trump administration.
Comer asks to interrupt Connolly, but as he begins talking, Maloney says it's time to get back on topic.
"Mr. Connolly has the time, he has worked hard on this issue, and he's absolutely right that we should focus on the purpose of this hearing."
"Mr. Connolly has the time, he has worked hard on this issue, and he's absolutely right that we should focus on the purpose of this hearing."
Delivering his opening remarks, @ncdinglis says “the Biden administration supports legislative efforts to require cyber incident reporting — to include ransomware payments — to both the FBI and CISA.”
CISA Executive Director Brandon Wales says the recently launched ransomware.gov site "has had more than 45,000 page views, and our ransomware readiness assessment tool has been downloaded nearly 15,000 times."
Wales: “Given the importance of visibility into the true size and scope of cyber threats facing us, I urge Congress to move quickly on the urgent priority of adopting incident notification legislation.”
FBI Cyber Division chief Bryan Vorndran, on cyber incident reporting legislation: “I can't stress enough the importance of the FBI receiving full and immediate access to cyber incidents so we can act on them as soon as possible and in unison with our federal partners at CISA.”
Comer asks Vorndran about the FBI's decision not to immediately share the decryption key for the ransomware used on Kaseya and its clients.
Vorndran says the government had to balance long-term vs. short-term cybersecurity goals.
Vorndran says the government had to balance long-term vs. short-term cybersecurity goals.
Vorndran: "We took an extensive process to develop a safe and effective way to deploy that decrypter key to the victims."
Inglis adds: "If you were to act in the very first instance, you might then expose your knowledge of what's happening, allow the criminal to escape, to take their accesses to various other customers that haven't yet been sprung, and to spring them at some later time."
Ralph Norman asks Inglis what the Biden admin has done to pressure Russia to crack down on hackers.
Inglis' list doesn't satisfy him.
“Just more words," he says. "You gave words, but you didn't have any specifics. It's just asking, it’s pleading with them."
Inglis' list doesn't satisfy him.
“Just more words," he says. "You gave words, but you didn't have any specifics. It's just asking, it’s pleading with them."
Andy Biggs asks Inglis about cyber deterrence work.
Inglis: "Over the last few weeks or months, you have seen some evidence that [efforts] are beginning to succeed...It's not unlike climate change, which is decades in the making &...can't be turned around in a fortnight."
Inglis: "Over the last few weeks or months, you have seen some evidence that [efforts] are beginning to succeed...It's not unlike climate change, which is decades in the making &...can't be turned around in a fortnight."
Classic congressional hearing moment:
Using precious time, Andy Biggs asks a question that's already been answered (re: Kaseya decryption key).
Vorndran says he's already answered the question but can do so again if Biggs wants.
Biggs asks him to do so.
Using precious time, Andy Biggs asks a question that's already been answered (re: Kaseya decryption key).
Vorndran says he's already answered the question but can do so again if Biggs wants.
Biggs asks him to do so.
Jamie Raskin asks if CISA automatically shares ransomware incident reports with FBI and USSS.
Wales says CISA almost always coordinates with FBI and USSS, especially when directly engaging with a victim organization.
Wales says CISA almost always coordinates with FBI and USSS, especially when directly engaging with a victim organization.
Raskin: Does a ransomware report automatically go to every agency that needs to know about it?
Inglis: The system is designed to ensure that, but “the system is not perfect.” We will "work to correct" any coordinate failures.
Inglis: The system is designed to ensure that, but “the system is not perfect.” We will "work to correct" any coordinate failures.
Always interesting to watch cyber officials try to answer partisan questions that have only tangential links to cyber issues.
The House Oversight hearing has ended.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
