Senate cyber caucus to hold briefing this week on ransomware attacks

The Senate Cybersecurity Caucus will hold a classified briefing Wednesday to address the ongoing spree of ransomware attacks on local governments, school districts and other entities nationwide.

Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.), the co-chairs of the caucus, will host the bipartisan event, which will feature a briefing for members from Christopher Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).{mosads}

According to a spokesperson for Warner, the briefing will include discussion of the “current threat landscape including actors and vulnerabilities, current trends and resources available to address the threat, and what Senators can do to help protect their states.”

Gardner told The Hill on Tuesday that while this week’s briefing is classified and closed to the public, he hoped there would be more “in the open” on risks from ransomware attacks in the future.

“I think it’s important that the American people understand what’s at risk, so to have something that it is out in the open that we can get out is needed, so the American people can be eyes open when it comes to the challenges that our country faces,” Gardner said.

Ransomware attacks have been a growing concern nationwide this year following repeated attacks in various states. These cyberattacks involve an individual or group gaining access to an organization’s systems, encrypting them, and demanding money to unlock the systems.

Over the past year, the city governments of Atlanta and Baltimore have spent millions to recover their systems instead of paying the ransoms demanded, while almost two dozen small town governments in Texas were hit by a coordinated ransomware attack in August.

In Louisiana, Gov. John Bel Edwards (D) has declared a state-wide emergency twice this year due to ransomware attacks, first after attacks on several school districts in July, and then again in November following attacks on multiple state agencies.

In response to ongoing attacks, the FBI issued a warning in October to U.S. businesses and organizations to guard against ransomware attacks.

CISA also issued a joint statement along with other national groups in July recommending that state and local government entities step up security in response to ransomware threats, with CISA recommending that groups backup systems daily and prioritize cybersecurity awareness and education.