Mandiant CEO says national response to cyber threats is a necessity

One of the many things the Log4j ransomware attack showcased is that U.S.-based businesses and governmental entities have been heavily affected by cyberattacks, such as ransomware, data breaches, and distributed denial-of-service (DDoS), according to CNBC.

“I think more people are taking advantage of the United States – and our openness and our true global workforce – than in any other nation,” said CEO of cyber security firm Mandiant, Kevin Mandia.

U.S. companies and governmental agencies have finally expressed their discontent with the situation. Instead of following the traditional approaches to safeguarding their networks, such as firewalls, companies chose to alter their cybersecurity approaches.

U.S.-based firms are seeking out cyber threats before they actually happen.

Ransomware attacks have exponentially increased in the past year, leaving behind a damaging trail of breaches.

In August 2021, research firm International Data Corp reported that more than one-third of global establishments were exposed to some of the most destructive cyberattacks or breaches, hindering accessibility to systems or data.

Now, these companies are defending their right to a secure network and fighting back.

“What you’re starting to see is a coordinated national response – maybe even a coordinated international response – because [of] ransomware,” Mandia added.

“Quite frankly, everybody hates it except for people doing it and the people harboring those who do it,” the CEO added.

One example of such coordination is the FBI’s synchronized efforts to take-down famous ransomware operation, REvil, linked to Russia. By implementing technical and legal techniques to remove it from the internet by infiltrating its servers.

According to Mandia, the coordinated efforts between countries and law enforcement organizations helped curtail or eradicate cyber threats after ransomware attacks exposed national security to consequential risks. He further emphasized the necessity of bringing military assets to help fight.

“We can do a lot of different things rather than just constantly making it a clean-up on aisle nine after the crime,” he added.

Military help “does not mean drone strikes; it means proportional responses” to any threat, which is only applicable if the source of the attacks is recognized.

The most prominent step would be creating a national “doctrine” that would structure how the U.S.’s next step will be fighting ransomware attacks and the nations sheltering them.

“There could be some vagueness to that doctrine, but people need to know that the nation is going to have a coordinated response” to attacks. “There comes a time where you just can’t stand there and take it anymore,” the CEO added.