At the agency's 2nd Annual National Cybersecurity Summit on Wednesday, CISA director Chris Krebs outlined what the new agency has achieved since it was set up last year. Krebs cited a number of directives and executive orders that have been passed, and he pointed to the series of indictments against threat actors around the world. As an example of the effectiveness of these measures, he said that “indictments of the SamSam ransomware actors have stopped SamSam ransomware attacks worldwide.” He cited these achievements in the course of advocating what amounts to a whole-of-nation approach, with strong cooperation between government and the private sector. Krebs stressed the growing importance of cooperation between the public and private sectors in defending against threats: “The government’s not going to solve this problem alone. This is a national problem set.”
Looking forward, Krebs wants to prepare for a large-scale cyberattack before it happens. Relating such an event to a natural disaster, he said we know how to prepare for hurricanes because we know what happens when a hurricane hits. We don’t have that level of knowledge when it comes to a cyber event, but he said the spate of ransomware attacks against government targets this summer came “pretty close” to a large-scale event. One of the threats CISA is preparing for is the possibility that ransomware could be deployed against voter registration databases during the 2020 election.
One sort of private sector contribution Krebs would discourage, however, is FUD. He pointedly asked the cybersecurity industry to stop “selling fear.” He acknowledged that it’s an effective marketing tactic, but said we need to remove the hysteria and have measured and reasonable conversations about threats, particularly those surrounding election security. The threats to infrastructure are undeniably real, but self-interested alarmism doesn’t help, and only serves to drive down voter confidence.