The recent ransomware attacks targeting Chicago-based CommonSpirit Health that disrupted patient care and EHRs ignited a conversation on how to deal with the rise in ransomware attacks. ProPublica reporters Renee Dudley and Dan Golden argue in a Nov. 6 New York Times op-ed that the FBI needs to do more to address cybercrime.
Ransomware has evolved from attacks extorting individuals for hundreds of dollars to well-organized groups targeting massive health systems and crucial infrastructure.
Ms. Dudley and Mr. Golden argued the FBI lacks agents with computer skills due to institutional barriers. Instead of hiring top-tier cybercrime talent, the agency often has tried to turn agents with no computer background into cybercrime specialists.
In addition, advancement within the FBI is often based on arrests. However, arrests in ransomware attacks can be hard to come by, often because investigations are lengthy or the suspects are not in the U.S. The authors said that these conditions incentivize computer professionals to look for high-paying opportunities in the private sector rather than the FBI.
To tackle ransomware attacks and cybercrime, the authors proposed that the FBI model its efforts after the Dutch National Police’s High Tech Crimes Unit. The unit hired cybersecurity experts by dropping physical fitness and weapons requirements — to which the FBI stringently adheres — for cyber policing.