Director of National Intelligence Avril Haines testifies before the Senate Armed Services Committee in Washington, DC on May 2, 2024.
Win Mcnamee | Getty Images News | Getty Images
The top US intelligence official warned Congress of an alarming rise in cyberattacks at a hearing on global threats on Thursday.
Director of National Intelligence Avril Haines said the number of ransomware attacks worldwide increased by up to 74% in 2023.
Haines’ comments come from various companies, such as: UnitedHealth Group, MGM Resorts And Cloroxwere disrupted by cyberattacks last year.
“Although the likelihood of a single attack having widespread impact on disrupting critical services remains low, the increased number of attacks and the willingness of actors to access and manipulate these control systems increases the collective likelihood that “At least one of them could have a major impact,” Haines told members of the Senate Armed Services Committee.
Haines said U.S. companies faced the most attacks in 2023, with attacks in sectors such as healthcare doubling compared to last year.
The intelligence chief also said there had been a sharp increase in attacks on critical infrastructure control systems, but added that there were several ways for organizations to prevent attacks.
In 2021, a ransomware attack forced the shutdown of the largest fuel pipeline in the United States. The closure caused significant disruption to gas deliveries and resulted in long lines at gas pumps on the East Coast.
“Many of these attacks are fundamentally possible because good cybersecurity practices are simply not being followed, passwords are not being updated, and the type of work required to patch vulnerabilities is not being done,” Haines said.
Sen. Angus King, I-Maine, urged Haines to do more to prevent state-sponsored attacks by U.S. adversaries. The United States has accused China and Russia in recent years of enabling cyberattacks on American soil.
“They must understand that we are putting their systems at risk. … That has to be part of our strategy. It can’t just be patching and cyber hygiene,” King said.
Thursday’s warning came a day after UnitedHealth Group CEO Andrew Witty told Congress in a separate hearing that the company paid a $22 million ransom to hackers who broke into its subsidiary Change Healthcare had penetrated. In 2023, cyberattacks also temporarily shut down MGM’s hotel booking system and disrupted production at Clorox.
Don’t miss these exclusives from CNBC PRO
Source link
2024-05-02 16:52:55
www.cnbc.com