Cyber criminals hurt one in four Americans. They steal, extort and defraud us in our hospitals, schools, government agencies, and prey on senior citizens. The problem goes all the way to the top. Russian hackers lifted information from dozens of US government agencies in 2020. We still don’t know their ultimate plan, or how much damage they will do. Cybersecurity policy expert Michael Garcia explains the true scale of this alarming problem that affects all of us, and how the Biden administration can protect us better.
Listen to the full conversation here:
Matt Robison: We learned at the end of 2020 that dozens of us government agencies were penetrated by Russian hackers. This poses a grave risk to federal state and local governments, as well as private companies and organizations. Ransomware takes entire state and local governments offline, costing taxpayers billions. Cyber-criminals cost our citizens, especially senior citizens, millions. Our country is losing our most closely guarded national security secrets and intellectual property. So it goes up to the very top of the US government and the most fundamental functions of our government.
Michael Garcia: The fact is, either you’ve been impacted or someone you know has been impacted already. Cyber crime has affected one in four Americans. But only three out of every 1000 incidents that are reported to the FBI see some type of enforcement action. Meaning an indictment or arrest. So it’s one of the most prevalent forms of crime, but has the lowest enforcement rate.
So yes, this is very real. We tend to think about it in abstract, technical terms, but it has real world consequences. A few months ago, we actually had the first known death linked to ransomware. A German hospital was attacked and there was a patient who could not get an emergency surgery that she needed.
Matt Robison: We learned about that massive Russian hack at the end of 2020. What happened?
Michael Garcia: This [whole episode is] really starting to make us question our current policies. In Mid-December 2020, we found out about a company called Solar Winds, which was a provider of certain online services for several US agencies, including nearly all of the fortune 500 companies. It was everywhere. Back in February of 2020, the Russians were able to infiltrate Solar Winds and insert some malware. That was then pushed out to as many as 18,000 customers. The ramifications are minimal for now, but what we don’t know is the information that Russia’s been able to glean to carry out future attacks.
And we just found out in December about something that started back in February. That means they’re on those networks all those months, doing whatever they want to do. We don’t know what other systems they might have infiltrated or any other actors like the Iranians or the Chinese government they might have traded information with.
Matt Robison: What are your ideas for fixing the problems we face and getting it right?
Michael Garcia: My colleagues and I at Third Way just released a report this past November called a Roadmap to Strengthen US Cyber Enforcement in which we developed over 60 recommendations. But it boils down to three big things.
First is coordination at the federal level. We need all the many agencies involved – plus the hundreds of state and local partners and our international allies – to be on the same page and working together. The private sector owns and operates 85% of our critical infrastructure. That means the government can only do so much. So we need true partnerships.
Number two, we really need to improve our state and local capability. Right now only 45% of local law enforcement agencies have the ability to even analyze digital evidence in these crimes.
And lastly, we need to engage our international allies because so many of these perpetrators behind these crimes reside overseas. So in order for us to put handcuffs on these bad guys, we need to work with our partners. That means providing assistance and training to international law enforcement. But it also means holding accountable those nations like China and Russia who are openly abetting criminals.
If we don’t get a handle on it, it’s just going to get worse.
In collaboration with PoliticusUSA, we are offering excerpts from the Great Ideas podcast every week that explain how policies work and present innovative solutions for problems. Please subscribe, and hear Michael Garcia’s other insights on cybercrime, check out the full episode on Apple, Spotify, Google, Anchor, Breaker, Pocket, RadioPublic, or Stitcher
Matt Robison is a writer and political analyst who focuses on trends in demographics, psychology, policy, and economics that are shaping American politics. He spent a decade working on Capitol Hill as a Legislative Director and Chief of Staff to three Members of Congress, and also worked as a senior advisor, campaign manager, or consultant on several Congressional races, with a focus in New Hampshire. In 2012, he ran a come-from-behind race that national political analysts called the biggest surprise win of the election. He went on to work as Policy Director in the New Hampshire state senate, successfully helping to coordinate the legislative effort to pass Medicaid expansion. He has also done extensive private sector work on energy regulatory policy. Matt holds a Bachelor’s degree in economics from Swarthmore College and a Master’s degree in public policy from the Harvard Kennedy School of Government. He lives with his wife and three children in Amherst, Massachusetts.
Credit: Source link