Why The U.S. Can't Stop Cyber Attacks

U.S. recently faced a series of ransomware attacks on critical infrastructure like the Colonial Pipeline, the city of Tulsa, and JBS, the worlds largest meat producer. Ransomware, a program that hackers use to hold digital information hostage, has become the top choice of malware for criminals. In 2020, the total amount of ransom paid by the victims reached nearly $350 million worth of cryptocurrency, most of them in bitcoin. So what led to the rise of ransomware in the U.S. and what makes it so difficult to fight?

The May 7 ransomware attack on the Colonial Pipeline “is probably the most significant ransomware attack on one of our critical infrastructures ever,” said Rep. John Katko, R-N.Y. And shortly after the pipeline was hit, the U.S. faced more ransomware attacks — targeting cities, ferries and even a meat plant.

“Although ransomware has really been around since 2013, it has not yet been seriously taken in terms of something that could impact critical infrastructure,” said Vanessa Pegueros, chief trust and security officer at OneLogin.

Ransomware, a program that hackers use to hold digital information hostage, has become the top choice of malware for criminals in recent years. In 2020, the total amount of ransom paid by victims reached nearly $350 million worth of cryptocurrency, a 311% increase compared with the previous year, according to Chainalysis.

“Over the last two years, it’s well into the millions, hundreds of millions of dollars from victims that we’ve come across,” said Marc Bleicher, managing director at Arete Incident Response.

Ransomware has grown into a multibillion-dollar industry. A majority of the ransom paid is shared among a relatively small number of highly organized groups of criminals with names such as Evil Corp. or DarkSide. According to Chainalysis, 199 deposit addresses received 80% of all ransoms paid in 2020, while an even smaller group, 25 addresses, accounted for nearly half.

These groups have become increasingly bold, showing off bundles of cash and fancy sports cars. That’s because tracking, arresting and bringing these hackers to justice is often incredibly difficult.

“A lot of these organizations are allowed to essentially operate freely within Russia or other former Soviet states as long as they don’t hit anybody within that country,” Bleicher said. “So unless there’s a cooperation at the political level there, I don’t see this going away anytime soon.”

The Colonial Pipeline incident sent shockwaves across the oil industry and the U.S. government, alerting them to the severity of cybersecurity concerns.

President Joe Biden signed an executive order to strengthen U.S. cybersecurity defenses, while House lawmakers rolled out a bill to invest $500 million in state and local cybersecurity in May.

But there remains a lot more work to be done, especially when it comes to critical infrastructure. Roughly 85% of America’s critical infrastructure is privately owned, and the private sector is not required to follow the strict cybersecurity guidelines set by the government.

“We’ve got electric grids in this country, we have water systems, we have pipelines. We have a lot of critical infrastructure that is really open to some of these ransomware attacks and cyberattacks,” said Katko. “And we need to do a much better job than that.”

When it comes to the future of ransomware attacks, experts agree: It is far from over.

“The amount of impact it’s going to continue to have will grow, and I think the amount of money to be made will continue to grow,” Pegueros said. “I don’t know where that will peak out, and I don’t know if it’s just going to morph into something even more dangerous and scary. It’s hard to say. But I don’t think we’re at the peak yet.”

» Subscribe to CNBC: https://cnb.cx/SubscribeCNBC
» Subscribe to CNBC TV: https://cnb.cx/SubscribeCNBCtelevision
» Subscribe to CNBC Classic: https://cnb.cx/SubscribeCNBCclassic

About CNBC: From ‘Wall Street’ to ‘Main Street’ to award winning original documentaries and Reality TV series, CNBC has you covered. Experience special sneak peeks of your favorite shows, exclusive video and more.

Connect with CNBC News Online
Get the latest news: https://www.cnbc.com/
Follow CNBC on LinkedIn: https://cnb.cx/LinkedInCNBC
Follow CNBC News on Facebook: https://cnb.cx/LikeCNBC
Follow CNBC News on Twitter: https://cnb.cx/FollowCNBC
Follow CNBC News on Instagram: https://cnb.cx/InstagramCNBC
Subscribe to CNBC PRO: https://cnb.cx/2NLi9AN


How Cryptocurrency Is Driving The Ransomware Boom in The U.S.


  1. Last Camper on December 22, 2021 at 12:23 am

    Why do we need to wait for the peak?

  2. j on December 22, 2021 at 12:23 am

    I think Cisa will meet its match! And they won’t exist shortly also! Go after everyone & everything. What does illegal mean when the government is corrupt itself? Do an illegal means to achieve the greater good, change laws for the greater good of what? And for all of a majority?

  3. SUPRATIK SARKAR on December 22, 2021 at 12:23 am

    There is no way you can recover bitcoin once transaction is done. Darkside most probably have that $2.3 million to the US back because they were not directly involved.

  4. Iyeet Security on December 22, 2021 at 12:26 am

    All these corporations hold regular citizens hostage _every day._
    So I don’t see why anyone should care if it happens to them.
    Healthcare. Banks. Utility companies. They’re _all_ *for profit* and carry overly inflated costs, contracts, and penalties that take people hostage for generations.
    No sympathy for these corporate criminals.

  5. RustbeltRob classic on December 22, 2021 at 12:31 am

    It’s because they are too busy with crap that just doesn’t matter…
    They also don’t spend what is needed to actually lock down the infrastructure.
    Those who get it most of the time get it due to poor training, not securing the network, and not spending the money needed to do the security.. IT workers are treated like a burden.

  6. efgtest on December 22, 2021 at 12:31 am

    The criminals are those who are in control of your "CLOUD DATA" Get your data, Blackmail you! blame it on the Hackers, Use it as an excuse that internet is not safe and then Go full to Cyber Polygon AND get full control over Cryptocurrency. That’s the way to do it!

  7. Benjamin on December 22, 2021 at 12:31 am

    I received a legit crypto payment from mask ☝️ today

  8. edochig1 on December 22, 2021 at 12:34 am

    This sounds like an inside job to prime the public for the great reset, it will start as a black swan even like a massive cyber hack sponsored by the federal reserve. It’s all hegelian dialect.

  9. Jayslollipop on December 22, 2021 at 12:34 am


  10. SavedBYJesus on December 22, 2021 at 12:34 am

    There will come a cyberattack and it will be a false flag attack like Covid19. It is planned.

  11. Nick name s on December 22, 2021 at 12:35 am

    The USA should hire American hackers and German to trace and attack water and energy sectors in those countries.

  12. Mon Valley truth on December 22, 2021 at 12:35 am

    Time to go back to paper

  13. TIME BANDIT on December 22, 2021 at 12:37 am

    Why are you wasting all this time with the 1/6 protest when the real problem is, STOP THESE ATTACKS! NO ONE KNOWS HOW MUCH DATA HAS ALREADY BEEN STOLEN, YOU FOOLS!

  14. Lasha Zhvania on December 22, 2021 at 12:39 am

    Please help with “zzla” Ransomware

  15. Jay Heredia on December 22, 2021 at 12:42 am

    Biden letting China do this to us

  16. Thanks to Olekhack on IG on December 22, 2021 at 12:43 am

    My account got deactivated for doing nothing, I don’t know how gavinhacks on instagram was able to recover my account but am so happy getting it back..

  17. Allen Clark on December 22, 2021 at 12:46 am

    I’m a victim of cyber attack via cellphone. My brother in law has let it be known and obvious that he has been doing it to me. He has also gotten my former and current co workers involved as well as my neighbors. It’s been going on for 3+years. In January of 2021 my internet service (WIFI) was hijacked. I received a donation/ransom/extortion email. I’ve changed my number even bought new cellphones. After I bought the phone some said that someone called and wanted the imei number off of it. There are apps that can be purchased where a phone can be tracked using the phone and or imei number. They’ve been trying to make my life a living hell. Trying to keep me from getting a job to a place to live. (Edited)

  18. crossfire on December 22, 2021 at 12:47 am

    It is because the US doesn’t have a great firewall like China.

  19. Mark Ward on December 22, 2021 at 12:52 am

    A few years ago I was hit with the “FBI” scam … funnily enough I unlocked my laptop by restarting it and in the bios I reset my laptop to the previous day… and hey presto the “FBI” scam was no longer a problem for me

  20. Jorge Zuni on December 22, 2021 at 12:52 am

    But the infiltrated could !

  21. L5 CCNA on December 22, 2021 at 12:55 am

    Most of these attacks are because of the #1 threat vector in comapnies, PEOPLE!!!!!, train your staff to NOT CLICK ON ANY LINKS OR OPEN FILES IN EMAILS THEY DON’T TRUST. that takes care about 80% or more of the main threat vector, than follow simple industry standards, don’t make port 3389 Open to the public!!!!!, patch your main infrastrcture, air gap everything you can, have BACKUPS!!!!, some of this stuff is common sense but I still see professionals not doing this

  22. Jorge Beler on December 22, 2021 at 12:58 am

    You hack me, i go manual….it may slow down things but we are still running

  23. Ted's Life on December 22, 2021 at 12:59 am


  24. j on December 22, 2021 at 1:01 am

    Lol they say it’s attacking oil & gas what it is the EV sector. It’s completely a scam. As commutation companies are protected for lying or air.

  25. Shahalie Schrepfer on December 22, 2021 at 1:02 am

    I work for third party company of Citi Bank the Citi Benefits and Claims Administration Center and these people have viciously harassed me for almost 3 YEARS. I knew something was wrong they literally caught got that they were harassing me for months and they could let “find anything” I have chest issues from them keeping me on the phones for the longest anyone has ever seen I was and still am being severely abused.

  26. Assaad El Hage on December 22, 2021 at 1:03 am

    It is big business.

  27. Rachel Johnson on December 22, 2021 at 1:04 am

    who else is watching while the facebook is down,October, 2021 ?

  28. Xenta Atnex on December 22, 2021 at 1:07 am

    If you put your systems on the internet, it will get hacked.

  29. Ahmad W Alsharbini on December 22, 2021 at 1:08 am

    Edecauting users is the first step in protectcting the system.

  30. wally chambe on December 22, 2021 at 1:08 am

    No one wants to update their IT systems because of cost, was in my doctors out patient clinic for some tests and notice they were still using Dell computers from 2013!

  31. Thanks to Olekhack on IG on December 22, 2021 at 1:11 am

    I just got into my long lost account with the services from gavinhacks on instagram, I saw the reviews about 8 hours ago , I requested the service not long ago and I’m already back in the account, kind of incredible service , I enjoyed it . Thank You gavinhacks.

  32. Mike [cyber] on December 22, 2021 at 1:14 am

    americas rifle aimed danger close to All Indians from In dia. then most of d problem will go away. dope.

  33. Less Stress Gaming on December 22, 2021 at 1:16 am

    take windows off the shelves at stores it would be great start put a life end on all usbflash /cd win related items and installs…

  34. j on December 22, 2021 at 1:17 am

    I think it’s time to attack proprietary software, software that firms use & exchanges. NASDAQ & Dow Jones. Attack Adobe & Nvidia & intel etc. knock the all out for all I care I’ll pay to see it. The darkweb is always monitored. The pros use closed ended connection. As institutions use the same software for communication between institutions. Just as banks they use special software. & insurance has some access to it.

  35. Byzantines Internet on December 22, 2021 at 1:17 am

    chop the seafiber cables to china and all that will go away

  36. j on December 22, 2021 at 1:19 am

    I think a full scale attack on Apple will happen within months. & apple won’t be able to hide from this Trojan house will crush any government using apple. & this puts Microsoft & Motorola an even cloud computing infrastructure systems. As going after the NSA & cia & dod & every government Contract company. Or independent contractor.

Leave a Comment