The United States National Security Agency (NSA) is now fighting against ransomware gangs through a mix of cyber and psychological warfare.
After taking down its websites on the dark web, the NSA's latest strategy reportedly looks to sow paranoia amongst hackers.
In remarks at the RSA Conference in San Francisco, former NSA Director of Cybersecurity Rob Joyce and his replacement, Dave Luber, claimed that the US was attempting to take action against ransomware groups, many of which had their headquarters in Russia.
Rob Joyce used the well-known ransomware group Lockbit as an example to illustrate the most recent tactic by first locating, charging, and endorsing a Lockbit top executive.
According to Joyce, one of the main components of the operation was the FBI's takeover of Lockbit's dark web website and the infrastructure supporting its online activities back in February.
After being taken down, the Lockbit gang swiftly moved to another website. But Joyce said that would have just served to strengthen the FBI's position.
Joyce states that the new website could incite distrust among hackers since everyone in that community would wonder if Lockbit or the FBI indeed owns it if it suddenly appears.
NSA's Other Actions Against Ransomware Gangs
According to the Justice Department, in the Lockbit case, senior leader LockbitSupp, a 31-year-old Russian named Dimitry Yuryevich Khoroshev, offered his services to law enforcement for information about who his rival ransomware competitors were.
Joyce also said that governments worldwide are focusing a lot of attention on areas where a community can offer insights into an ecosystem, see the seams and fractures between them, and peel people off for advantage.
Dave Luber concurred with the assessment and stated that the agency has provided information that the FBI and Justice Department might utilize to take action against suspected hackers.
The two also discussed the threat posed by China and hacktivist groups that are aiming to disrupt US essential infrastructure, including water systems, and may potentially destabilize the country.
Joyce, who left the NSA in March, said there were no significant repercussions from the most recent hacking attempts on US water infrastructure. However, he iterated his worries against state-sponsored hacking units that could meddle with US critical infrastructure.
Luber responded that the US has been attempting to strengthen security at US businesses and critical infrastructure providers by ensuring that weak and default passwords are eliminated from IT systems and that software patches are applied promptly for equipment and software susceptible to vulnerability.
Biden's Warnings Against Cyberattacks
The Biden Administration issued similar cautions to state governors last March, alerting them to the possibility of an Iranian and Chinese computer attack on US water management systems.
A letter from the White House and the Environmental Protection Agency urges governors to bolster their cybersecurity defenses against potential attacks and prepare in advance.
The letter to governors was purportedly written by EPA Administrator Michael Regan and National Security Adviser Jake Sullivan. It instructed them to ensure that all of their states' water systems thoroughly assess their current cybersecurity protocols.
Regan and Sullivan claim that even the most fundamental cybersecurity protections are usually absent from water facilities, which might mean the difference between a destructive cyberattack and normal business operations.
According to reports, these potential attacks might severely impair the essential supply of safe and clean drinking water and place a significant financial strain on the affected populations.
To describe the nature of these dangers, the letter requests the governors' support in implementing vital safeguards for water systems against the escalating risks and consequences of cyberattacks.
Related Article: Ukrainian REvil Hacker Gets 13 Years in US Prison for His Role in $700M Ransomware Scheme
(Photo: Tech Times)
