A cybersecurity expert warned U.S. lawmakers last week that the world was on the cusp of a “pandemic of a different variety.”

Christopher Krebs, who formerly headed the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, testified last Wednesday before the House Committee on Homeland Security that a form of malware called ransomware has become more prevalent than ever. Given an ever-widening criminal enterprise and vulnerable digital landscape, he said, critical infrastructure is at risk of debilitating attacks.

Two days later, Colonial Pipeline, a major fuel pipeline connecting the East Coast, was hit in the largest-known hack on U.S. energy infrastructure.

The incident, which instigated a shutdown of the pipeline, panic buying of gas and a price jump at the pump over the weekend, is one of the latest in crippling ransomware attacks orchestrated by extortionary criminal organizations that mostly operate in foreign safe havens outside the grasp of America’s criminal justice system.

Experts say continued ransomware threats are inevitable, calling on businesses and governments to ramp up efforts to secure their online networks.

“Cybercriminals have been allowed to run amok while governments have mainly watched from the sidelines, unclear on whether cybercrime is a national security-level threat,” Krebs told lawmakers. “If there was any remaining doubt on that front, let’s dispense with it now: Too many lives are at stake.”

What to know

  • What’s a ransomware attack?
  • Why is our infrastructure vulnerable to attacks?
  • How much could ransomware attacks cost?
  • What can be done about ransomware attacks?