2021 was a landmark year for cybercrime. Critical Insight, a company with the goal of protecting health care and other life-supporting businesses from cybercrime, released a report detailing the data breaches that occurred in health care facilities that year. It revealed a frightening statistic for both health care corporations and those who utilize their services: In 2021, there were more data breaches affecting health care companies than in any previous year. Nearly 45 million people were affected by having their personal information stolen and possibly sold. This was a staggering increase from the previous year in which 34 million people were affected by attacks aimed at health care.
This was all happening at a time when hospitals already lacked the resources to care for their patients. As a pandemic ravaged America's ability to handle the number of people needing treatment, many health care workers were severely overworked, with many needing to quit or take leaves of absence because of overwhelming exhaustion. The data breaches committed by cybercriminals added an extra level of frustration to an already devastating situation.
Clearly, private companies are not in a position to defend against cyberattacks by themselves. That's why the federal government has stepped in to assist them.
The Executive Order on Improving the Nation's Cybersecurity
Health care is just one example of a vital industry that's been attacked by cybercriminals. On May 12, 2021, President Joe Biden signed an executive order to combat cybercrime. This order came in response to a cyberattack on the Colonial Pipeline — an integral and massive part of U.S. infrastructure comprising 5,500 miles of pipeline that runs from Texas to New Jersey. The East Coast gets nearly half of its fuel from this facility.
During the attack, a cybercrime group calling themselves DarkSide infiltrated the pipeline's internal systems. Within two hours, they had stolen almost 100 gigabytes of data. Afterward, they began to spread ransomware throughout the network. To halt the spread, Colonial Pipeline was forced to shut down its entire internal system, causing a jet fuel shortage among carriers such as American Airlines. When word spread of the attack, many consumers began stocking up on fuel in a panic, causing shortages in some areas as well as a spike in fuel prices.
The executive order's intention was to prevent or at least minimize the damage of such devastating attacks in the future by strengthening the relationship between federal and private entities. Companies with federal contracts are to follow rules as laid out in the executive order to tighten their defenses against cyberattacks.
State solutions for cybercrime
As cybercrime continues to evolve, the federal government as well as private companies have worked rapidly in an effort to keep up. In 2022, as of July, there were 250 bills introduced by 40 states and Puerto Rico designed to deal with cybersecurity. Of those, 41 bills succeeded. They aim to:
- Introduce mandatory training among employees.
- Regulate standards and practices.
- Require the government to conduct cybersecurity training.
- Bring funding to state-wide and local cybersecurity efforts and schools.
CISA: The first big effort by the federal government to combat cybercrime
One of the federal agencies leading the charge for cybersecurity efforts is the Cybersecurity and Infrastructure Security Agency (CISA), which is overseen by the Department of Homeland Security. The purpose of CISA is to defend the U.S. against attacks on its infrastructure, which includes cyberattacks like those against health care facilities and the Colonial Pipeline.
CISA was created in 2018 as a result of the Cybersecurity and Infrastructure Security Agency Act signed into law by President Donald Trump. Before CISA, the National Protection and Programs Directorate (NPPD) was responsible for such things, and CISA was effectively a successor to the NPPD. When CISA was created, the NPPD moved all of its resources and transferred all of its responsibilities to the new department. The development of CISA had a long history as it became increasingly clear with the ramping threat of cybercrime that an independent agency needed to be instituted.
There are two parts to CISA: The National Cybersecurity and Communications Integration Center (NCCIC) and the National Risk Management Center (NRMC). The NCCIC is responsible for nonstop monitoring for and reacting to cybercrime threats. The department works with the federal government, the private sector, international partners, and state and local governments to always be ready to react to cybercriminals. The NRMC is dedicated to identifying the most significant cybercrime threats and planning responses to them.
One of the core tenets of CISA is the belief that neither the federal government nor the private sector is equipped enough to deal with what cybercrime has become. CISA aims to bring together both parties to maximize their mutual defense against cyberattacks against both the U.S. and its private companies.
Cybersecurity and the midterms
The federal government's role in cybersecurity has become especially pronounced because of the upcoming 2022 midterm elections.
Cybercriminals armed with misinformation are targeting election officials for harassment in an effort to undermine the American democratic process. CISA is addressing this issue by attempting to equip election administrators and officials with the tools they need to protect our elections at all levels, including comprehensive cybersecurity solutions.
As cybercrime gets worse, the federal government has a responsibility to work with private companies to mitigate the nonstop threat of cyberattacks that have the potential to wreak colossal amounts of harm. While the federal government has made significant strides in our cybersecurity, there is much work to do to protect us from the threat of cybercrime.