DHS secretary touts response to ransomware attack

DHS secretary touts response to ransomware attack
© Victoria Sarno Jordan

Homeland Security Secretary John KellyJohn Francis KellyMORE is touting as a success his department’s response to the ransomware attack that targeted systems around the world earlier this month.

“What was really impressive to me in all of the high-level meetings I was at — at the White House — on this topic … how almost every part of every conversation ended with, ‘DHS is in the lead, DHS has got this,’” Kelly said during testimony before a Senate Appropriations subcommittee on Thursday.

Kelly said the minimal effect of the “Wanna Cry” ransomware on systems in the United States was a result of DHS’s work with the private sector.

ADVERTISEMENT
“That was a direct result — not just DHS but to a large degree DHS — in how that was detected initially, how we working with our partners outside the U.S. government as well as inside, pretty impressive,” Kelly said. 

Kelly echoed comments he made last week at a meeting of the president’s National Security Telecommunications Advisory Committee (NSTAC). Lawmakers on Capitol Hill have similarly described the minimal impact on the U.S. as evidence of the government’s successful response to the cyber threat.

The ransomware campaign, which surfaced on May 12, was notably less damaging to the United States than other countries like Britain, where it crippled the country’s national health system. While the ransomware did affect some American companies such as FedEx, officials say it did not affect any federal systems.

The ransomware exploited a vulnerability in Microsoft Windows. While Microsoft had previously issued a patch for its supported systems, many around the world remained unpatched, leaving them vulnerable to the ransomware.

In just three days, the ransomware had spread to an estimated 150 countries and infected over 300,000 machines. 

DHS, which is responsible for protecting federal networks and critical infrastructure from cyber threats, immediately issued guidance for users to patch their systems to protect against the ransomware. The department also shared information on the event with domestic and international partners and offered technical support and assistance.

Cybersecurity researchers have found evidence tying the ransomware campaign to a North Korean state hacker group, though U.S. government officials say they are still investigating the matter.

At Thursday’s hearing, Kelly largely fielded questions about border security and plans for President Trump’s border wall. He testified on the administration’s fiscal 2018 budget request for the department, which seeks $2.6 billion for border security. 

The budget proposal also requests additional funding for cybersecuriy efforts at DHS, which are spearheaded by the department’s National Protection and Programs Directorate (NPPD). 

“The threat is constant,” Kelly said of cybersecurity on Thursday. “We need to up our game.”