Cyber ​​pros seek help from Biden admin, say Feds withholding information on digital attackers

Cybersecurity experts Thursday called on the Biden administration to help protect health systems from foreign attackers and said they fear the federal government is withholding actionable information.

The cyberworkers told Senate lawmakers that the healthcare sector suffers constant attacks, and instead of sharing available data on hackers, the Biden administration sometimes classified information generated by the private sector.

According to Greg Garcia, an executive who represents an advisory board of more than 350 healthcare organizations and agencies fighting cyber threats to the healthcare sector, the federal government has stamped private-sector information classified rather than sharing its own cyber intelligence.

“I think there is general consensus that there is a problem of over-classification in government, too much information is unnecessarily classified and indeed information that sometimes flows from the private sector to government is classified retrospectively,” Mr Garcia said a Senate Homeland Security and Government Affairs Committee hearing.

The government takes the private sector’s data and adds its own classified context before sealing it from the public, according to Garcia, executive director of the Cybersecurity Working Group of the Health and Public Health Coordinating Council.

Scott Dresen, Corewell Health’s chief information security officer, said he found that the federal government did not share available information with health network defenders because law enforcement officials sometimes withheld details while citing active investigations.

“Do you think there is any actionable information that is not being shared at this time?” Senator Richard Blumenthal, a Connecticut Democrat, asked at the hearing.

“I think this is likely related to ongoing investigations and so the ability to share this with our sector as much as possible would be desirable,” Mr Dresen said.

Dresen told lawmakers he didn’t have specific details on the sources of cyberattacks, including how the attacks originated from China versus Russia.

“It’s just significant in terms of the daily barrage that we hold and hold off to protect ourselves,” Mr. Dresen said.

According to the FBI’s Internet Crime Complaint Center, the healthcare sector was the top target for ransomware attackers in 2022. The FBI collected 870 complaints last year suggesting that organizations with critical infrastructure fell victim to ransomware, and 210 of those complaints came from the healthcare sector, according to the FBI’s 2022 Internet Crime Report.

All other critical infrastructure sectors lagged behind healthcare in terms of complaints, with healthcare registering more complaints than several other industries combined, such as energy, transportation and manufacturing. The FBI’s report states that not everyone reports ransomware incidents to their Internet Crime Complaint Center, so the full extent of ransomware damage could be greater.

The healthcare sector was hit by ransomware last year. For example, in November 2021, American, Australian and British cyber officials said Iran-sponsored cyber attackers had targeted victims in the US healthcare and transportation sectors.

In June 2022, FBI Director Christopher A. Wray said Iran-sponsored cyberattackers planned to attack Boston Children’s Hospital but were stopped.

The Biden administration has taken steps to leak critical information to its favorite cyber defenders.

The Biden administration created the Joint Cyber ​​Defense Collaborative in 2021 to bring national security and law enforcement agencies together with technology and cyber firms to combat hackers and ransomware attackers.

President Biden’s long-awaited National Cybersecurity Strategy, unveiled this month, tasked law enforcement, intelligence agencies and other cyber officials with identifying intelligence needs of digital defenders and said they would work to share alerts and threat indicators with public and private partners.

“The federal government will increase the speed and scope of cyber threat information sharing to proactively alert cyber defenders and notify victims when the government has information that an organization is under active attack or may already be compromised.” it in strategy.

As the Biden administration works to implement its cyber plan, it will have every reason to rush. A data breach that affected a health insurance market in Washington last week exposed sensitive personal information, such as social security numbers, linked to lawmakers, their families and congressional workers, including outside of government.

Source :

Leave a Reply

Your email address will not be published. Required fields are marked *