The Chamber of Commerce offered six steps the federal government can take to help American businesses defend against and respond to ransomware cyberattacks.
As American businesses are facing an uptick in ransomware cyberattacks, the U.S. Chamber of Commerce is asking the federal government to get more involved in disrupting and responding to these criminal attacks.
Ransomware—in which hackers gain access to IT systems, encrypt the data and ransom it back to the owners for a price—are on the rise, as seen recently with the attack against the Colonial Pipeline.
Friday, the Chamber released a statement calling on federal agencies to take a more proactive stance against ransomware crime.
“Today thousands of businesses will be successfully attacked by criminal gangs using ransomware,” Christopher Roberti, Chamber senior vice president for cyber, intelligence and supply chain security policy, said in a statement. “Enough is enough. Businesses are outnumbered and law enforcement doesn’t have the resources to keep up.”
Roberti cited statistics stating it takes companies, on average, 21 days to come back online after their data is locked down and the better part of a year to fully recover.
“It is time for the U.S. government to act decisively against these criminal cyber attackers and stop them from operating with impunity,” Roberti said. “It is time for our government to utilize its full range of capabilities—including criminal and cyber—to take the fight to these cyber gangs.”
The Chamber offered six steps the government can take to help U.S. businesses fend off and recover from such attacks:
- Update a national signaling strategy to communicate through diplomatic and other channels that ransomware attacks, especially on critical infrastructure, are an enforcement and national defense priority.
- Disrupt international ransomware payments systems.
- Enhance international law enforcement resources.
- Establish an international coalition to combat ransomware.
- Enhance capabilities for malware detection, sandboxing and analysis, and information sharing.
- Establish a Cyber Response and Recovery Fund for victims of cybercrime.
The call for a recovery fund echoes efforts from several senators who introduced the Cyber Response and Recovery Act in April.