Cybersecurity

Want to stop the next WannaCry? Stop classifying and start sharing

A push to declassify cyber-related intelligence would lead to better information-sharing and be the most effective way to face down the next WannaCry, former U.S. Chief Information Security Officer Gregory Touhill said at a June 15 congressional hearing. That global ransomware attack, he warned, "could have been much, much worse."

Touhill, speaking at a joint hearing held by two subcommittees of the House Science, Space and Technology Committee, said both government and private industry should engage in frequent exercises and drills as preparation for the next event.

"Public-private partnerships are an instrumental tool" in preventing the next WannaCry, agreed Darin LaHood (R-Ill.). The congressman praised another witness, Kryptos Logic CEO Salim Neino, as a case in point -- noting it was a Kryptos employee who first identified the WannaCry "kill switch" that enabled governments and other organizations to contain the ransomware's spread.

The chief barrier to better public-private collaboration is a systemic lack of information sharing, Touhill declared. And "the biggest inhibition to information sharing between the public and private sector," he said, "is over-classification of information by the government."

Touhill noted that a disproportionate amount of information marked top secret was at the same time widely available in the public domain. One fix? "Change the default setting," he said, so that more information is initially unclassified. One study has shown, he said, that classified information appears online in about seven days anyway.

This transparency would assist in preparation, noted Touhill -- a point echoed by Charles H. Romine, director of the Information Technology Laboratory at the National Institute of Standards and Technology.

Such preparations are not always about prevention, he stressed. "We are often thinking about detection and prevention of attacks," he said. "We don't pay enough attention to response and recovery."

Touhill agreed, adding that serious planning and preparation should involve exercises and drills that include personnel at all levels.

Regular drills "including the C-suite" would invest preparation with the urgency it deserves, he said. "I think that's a conversation that boards and C-suites should be having, because frankly, if I'm somebody who's an investor in a company that's attacked, I'm going to be asking, 'why weren't you doing due care and due diligence?'"

About the Author

Ben Berliner is an editorial fellow at FCW. He is a 2017 graduate of Kenyon College, and has interned at the Center for Responsive Politics and at Sunlight Foundation.

He can be contacted at bberliner@fcw.com.

