25 Jul Cyber Simulations: Lessons from the U.S. Secret Service
Ransomware defense training is essential
– Neal Bridges, Chief Content Officer, INE
Raleigh, N.C. – Jul. 25, 2021
March 2, 2019, dawned misty and mild in Jackson County, Georgia. The global COVID-19 pandemic that would eventually change the world was not a thought in anyone’s mind. On a drier day, the air would be filled with the sounds of youth soccer teams kicking balls around and the cracking sound of baseballs on bats. This day though, silence echoed across the rural Georgia hills. In the eerie quiet, something terrible was happening.
Computer screens at the county’s 911 dispatch center flickered off. Operators scrambled to find paper maps and logs of EMS responders. Sheriff’s deputies making routine traffic stops were unable to run license plate checks. At the jail, guards lost remote access to cell doors and were forced to open them manually and escort inmates from place to place in person.
Jackson County was under a ransomware attack, and the impact was massive.
In consultation with cybersecurity experts, the Jackson County manager paid the $400,000 ransom to restore access. “It really crippled us,” the county sheriff told local media. Similar scenarios played out 2,046 more times in 2019, with losses totaling $8.9 million. In 2020, according to the Federal Bureau of Investigation (FBI), losses more than tripled to total $29.1 million in nearly 2,500 ransomware attacks. In 2021, they continue to pile up.
The numbers are even more alarming when we expand the threat to include all types of cybersecurity breaches. The FBI’s 2020 Internet Crime Report shows the agency received a record-breaking 791,790 cybercrime complaints last year, responsible for more than $4.2 billion in losses. Compared to 2019, the number of cybercrime complaints spiked by a whopping 69 percent.
In addition to the number of complaints rising, we are also seeing a social impact of the rise in cybercrime. Any given month, it is commonplace to turn on the news and see companies like Garmin, LG Electronics and Xerox featured as the latest victims of ransomware. In the case of Garmin, while we may never know how much they paid in extortion to decrypt their files, we know the initial ransom demand was approximately $10 million.
It is no secret that government municipalities — like Jackson County — are under a growing threat of attack. In 2020, there were 71 reported cyberattacks against U.S. municipalities, with an unknown number going unreported. As a matter of fact, over the last 2 years, 78 percent of states have had at least one municipality affected by a ransomware attack. Only 11 states have not experienced a reported attack in that time.
With the clear and present danger obvious, the United States Secret Service is setting an example the rest of corporate America should be following. In March of this year, the agency hosted its seventh annual Cyber Incident Response Simulation. The Cyber Fraud Task Force (CFTF) joined forces with the FBI, the National Guard Bureau and the Cybersecurity and Infrastructure Security Agency (CISA) to conduct a virtual ransomware attack.
The event was striking in its realism, featuring cybercrime crisis role-play simulation designed to train participants on how to effectively and efficiently respond to and mitigate the growing threat of ransomware attacks.
As the cyber mission of the Secret Service expands, the agency has adopted a multifaceted approach to investigating a broad range of cybercrimes, including greater education and information sharing. Enhanced partnerships with state and local governments, along with industry leaders, are also part of the complex equation.
As education is at the center of the Secret Service cyber mission, businesses are also finding that a well-trained cyber defense force greatly reduces both the likelihood and impact of the inevitable cyberattack. The size of an organization is irrelevant when it comes to adopting basic incident response capability training tactics. As adversary capabilities increase, so does the training required to have a well-equipped cyber defense force.
While the cost of a top-rated cyber defense training program may be considered by some to be an unnecessary “insurance policy” more costly than the price of an attack, consider the city of Atlanta. City leaders refused to pay a $51,000 ransom, and ended up forking over more than $2.7 million to restore the city’s computer network.
Corporate America: Cyber school is in session. The U.S. Secret Service is teaching lessons. Learn them.
– Neal Bridges is INE’s Chief Content Officer. He is a former NSA hacker and one of the nation’s top cybersecurity experts. Neal served at Cyber Command in the Air Force and established the USAF’s first cyber function training unit and has worked closely with the FBI and Department of Defense to provide expertise in advanced cyber attack tactics.
ABOUT INE
INE is the premier provider of Technical Training for the IT industry. INE is revolutionizing the digital learning industry through the implementation of adaptive technologies and a proven method of hands-on training experiences. INE’s portfolio of training is built for levels of technical learning specializing in advanced networking technologies, next generation security and infrastructure programming and development.
