Cybersecurity

Want to stop the next WannaCry? Stop classifying and start sharing

world map 

A push to declassify cyber-related intelligence would lead to better information-sharing and be the most effective way to face down the next WannaCry, former U.S. Chief Information Security Officer Gregory Touhill said at a June 15 congressional hearing. That global ransomware attack, he warned, "could have been much, much worse."

Touhill, speaking at a joint hearing held by two subcomittees of the House Science, Space and Technology Committee, said both government and private industry should engage in frequent exercises and drills as preparation for the next event.

"Public private partnerships are an instrumental tool" in preventing the next WannaCry, agreed

Darin LaHood (R-Ill.). The congressman praised another witness, Kryptos Logic CEO Salim Neino, as a case in point -- noting it was a Kryptos employee who first identified the WannaCry "kill switch" that enabled governments and other organizations to contain the ransomware's spread.

The chief barrier to better public-private collaboration is a systemic lack of information sharing, Touhill declared. And "the biggest inhibition to information sharing between the public and private sector," he said, "is over-classification of information by the government."

Touhill noted that a disproportionate amount of information marked top secret was at the same time widely available in the public domain. One fix? "Change the default setting," he said, so that more information is initially unclassified. One study has shown, he said, that classified information appears online in about seven days anyway.

This transparency would assist in preparation, noted Touhill -- a point echoed by Charles H. Romine, director of the Information Technology Laboratory at the National Institute of Standards and Technology.

Such preparations are not always about prevention, he stressed. "We are often thinking about detection and prevention of attacks," he said. "We don't pay enough attention to response and recovery."

Touhill agreed, adding that serious planning and preparation should involve exercises and drills that include personnel at all levels.

Regular drills "including the C-suite" would invest preparation with the urgency it deserves, he said. "I think that's a conversation that boards and C-suites should be having, because frankly, if I'm somebody who's an investor in a company that's attacked, I'm going to be asking, 'why weren't you doing due care and due diligence?'"

About the Author

Ben Berliner is an editorial fellow at FCW. He is a 2017 graduate of Kenyon College, and has interned at the Center for Responsive Politics and at Sunlight Foundation.

He can be contacted at bberliner@fcw.com.

Click here for previous articles by Berliner.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.