NSA director expects to be facing ransomware attacks ‘every single day’ in five years

National Security Agency (NSA) Director Paul Nakasone predicted Tuesday that the rate of ransomware attacks will not slow down in the next five years, and said efforts to counter those threats must remain constant as well. 

“Every single day,” Nakasone said when asked how often the U.S. would face ransomware attacks in five years, during a conversation at cybersecurity firm Mandiant’s Cyber Defense Summit Tuesday. 

“We are persistently engaged, and being persistently engaged, you have unique insights that you can develop, you have unique capabilities you can bring forward, there are matters upon which you can engage your adversaries,” said Nakasone, who also serves as commander of U.S. Cyber Command. “I think if you leave that, then your adversaries have determined in due course what they are going to do.”

Mandiant CEO Kevin Mandia, whose company responds to ransomware attacks and other cyber incidents, noted the need to “keep the uniform on” following Nakasone’s prediction around ransomware attacks.

While ransomware attacks are nothing new, they have escalated over the past year during the COVID-19 pandemic, with cybercriminals going after vulnerable groups such as schools and hospitals that are more likely to pay to quickly regain access to encrypted systems. 

Ransomware attacks have risen to become a national security threat in recent months following high-profile attacks on Colonial Pipeline, which provides 45 percent of the East Coast’s fuel, on meat producer JBS USA, and on IT company Kaseya, which impacted up to 1,500 companies it worked with.

The Biden administration has been proactive in taking a stand against ransomware attacks, with President Biden pressuring Russian President Vladimir Putin to take action against cybercriminals within Russia’s borders during their in-person meeting in Geneva earlier this year. 

Later this month, the administration will continue an effort to reduce ransomware attacks when the White House National Security Council convenes 30 countries to address cybersecurity concerns. 

Anne Neuberger, the deputy national security advisor for Cyber and Emerging Technology, also spoke at the Mandiant conference Tuesday, describing the upcoming meeting as a “counter-ransomware initiative” with a focus on “cryptocurrency, resilience, disruption and diplomacy.”

“There’s been a great deal of interest in countries around the world participating in these tracks, discussing how we partner, and discussing how we build an enduring partnership to make us most effective, and it’s exciting to work with allies and partners to make forward progress against these hard problems,” Neuberger said. 

When asked by Mandia if she believed the U.S. would still be facing ransomware attacks every day in five years, Neuberger said she was “hopeful” that would not be the case. 

While Nakasone was pessimistic about the future of ransomware attacks, he expressed optimism around the national attention on cybersecurity and the talent pool working for the government, following a tough year of attacks. 

“I think our nation realizes how important that cybersecurity is for our economy, our informational capabilities, and our defense,” Nakasone said. “I feel really good about the future, I feel really good about where we’re headed.”