Ransomware has been one of the highest-profile cybercrimes of 2016, and the FBI has been at the heart of many investigations. Jay Kramer, a supervisory special agent with the Bureau, discusses what he’s learned about defending against ransomware.
“[Organizations] are getting hit; they’re often catastrophic events, and that’s why we’re being as aggressive as we can be,” says Kramer, who supervises a squad of FBI agents and analysts in New York. The FBI’s primary goals: to ensure greater engagement between ransomware targets and the FBI as well as to improve general preparedness for these attacks.
One key challenge that healthcare entities, in particular, face is balancing the needs for speed and security. “There’s often a disconnect between the need for security and the need to get access to information quickly,” Kramer says. “They’re often at odds, and there’s an evolution underway in terms of rethinking some things … to make sure that networks are secure.”
In a video interview at Information Security Media Group’s Healthcare Security Summit in New York, Kramer discusses:
- The growth of ransomware crimes;
- Why entities remain so vulnerable after the crimes have received so much publicity;
- How to work effectively with law enforcement to investigate cybercrimes.
Supervisory Special Agent Kramer joined the FBI in 1996. After several years in the criminal division of the FBI’s New York office, Kramer was selected to join the FBI’s Office of the Chief Division Counsel. In this role, Kramer helped analyze and solve complex issues of law and policy affecting both criminal and national security investigations. In 2010, he was selected to serve at FBI headquarters in its Office of Congressional Affairs. As a congressional liaison, Kramer worked closely with congressional oversight committees on issues related to proposed changes in federal law. In 2013, he was called upon to help stand up the FBI’s Cyber Law Unit in Chantilly, Va., and in 2014, he returned to the New York office, where he currently supervises a squad of agents and analysts conducting criminal cyber intrusion investigations.