Two knights facing each other on chess board

Ransomware threats calls for tough conversations

As ransomware attacks on U.S. public and private organizations increase, the federal government may have to have tough conversations with other nations, especially as the lines between nation-state and criminal actors blur.

"Mature nations need to have … very clear understandings of what their forces are doing, that they're not doing things that they don't intend,” said Mieke Eoyang, the deputy assistant secretary of defense for cyber policy. “I'm not sure that all nations have that kind of insight into what's happening at other levels."

Speaking at the Aspen Cyber Summit Sept. 29, Eoyang said the Colonial Pipeline attack showed how criminal actors from other countries can "impose consequences on the average American as they go about their lives in a way that was unimaginable 10 years ago."

"And it's now at a national security threat level,” she said. “That is something that we have to take on. We cannot just sit back and protect our own networks and defend our way out of the situation."

Already Cyber Command has developed its "persistent engagement" strategy and, as Eoyang pointed out, the Defense Department overall attention to the matter has increased. DOD has upped its teamwork with federal law enforcement agencies, including the Justice Department and FBI, specifically.

"This can't just be about securing our systems or going on offense,” she said. “We have to think about how we impose costs in a much more significant way,” noting that DOD has raised the priority of criminal, particularly ransomware, attackers.

"The bigger issue is how do you get nation-states to take responsibility for the threats that emanate from their territory? How do you say, 'Look, you're either creating a permissive environment or you're directing attacks,'” she said. “We need to have a conversation about this country to country, at least from the Defense Department," while the FBI and DOJ work to prosecute individuals.

A few days after Eoyang's talk at Aspen, the Biden administration announced plans to convene a meeting of 30 countries to talk about ongoing threats posed by ransomware, according to a report in CNN.

Eoyang said establishing norms around cyberspace activities continues to be a challenge.

"We have not seen a nation-state sponsor a cyberattack that's the equivalent of an armed attack," such as one that equates to severe bodily harm or loss of life, Eoyang said. "And we've been very clear about that as a red line for the United States -- that the equivalent of an armed attack is going to get you a response. But I think below that, I think it's very difficult to define norms." She added: "I think it's really hard to have a normative conversation with other countries, because so much of this activity is clandestine."

This article was first posted to FCW.

About the Author

Lauren C. Williams is senior editor for FCW and Defense Systems, covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected