As President Joe Biden stated, the U.S. government has made significant strides in the ongoing battle against the "ransomware scourge" over the past four years. Upon taking office, Biden and his administration quickly declared ransomware a threat to national security, granting new powers to the military and intelligence agencies. Since then, the U.S. has successfully disrupted ransomware infrastructure, recovered millions in ransom payments, and brought charges and sanctions against some of the most notorious ransomware operators.

Despite the government's recent increased enforcement efforts, the number of cyberattacks targeting U.S. organizations continues to rise, making this year set to be another record-breaking year for ransomware. This means that when President Donald Trump takes office again in January next year, he will also inherit a significant ransomware problem. While it is difficult to predict what the cybersecurity policies will look like over the next four years, the entire industry is preparing for change. It is hard to say what changes will occur in future policies and regulations, as the changes involve many levels and participants. However, regardless of who is in power, cyberattacks will not stop, and ransomware remains a top concern.

The first term is mixed

From a cybersecurity perspective, Trump's first presidential term was a mixed bag. Shortly after Trump took office, his first executive order (albeit delayed) required federal agencies to immediately assess their cybersecurity risks. Subsequently, in 2018, the Trump administration unveiled the first national cybersecurity strategy for the U.S. government in over a decade, leading to a more aggressive "name and shame" attribution policy and relaxing the rules that allowed intelligence agencies to "retaliate" against adversaries through offensive cyber attacks.

At the end of the year, the US Congress passed a law establishing a new federal cybersecurity agency responsible for protecting America's critical infrastructure. The Trump administration appointed Chris Krebs as the first director of the agency, but two years later, the then-president fired Krebs via Twitter. The reason was that Krebs called the 2020 election (which Trump lost) "the most secure election in American history," contradicting Trump's false claims of "fraud" in the election. Although cybersecurity issues did not become a significant part of the Trump administration's messaging thereafter, the Republican National Committee, which supported Trump's rise to power, stated during the 2020 election that the new Republican government would "raise the security standards of our critical systems and networks."

A large number of deregulation measures are expected

As part of his commitment to cut government spending, Trump pushed for reductions in the federal budget, which raised concerns that resources for cybersecurity at agencies might be reduced, making federal networks more vulnerable to cyberattacks. At this time, U.S. networks are already under attack from hostile nations. Federal agencies have warned this year that hackers pose a "widespread and relentless threat."

"Project" is a detailed blueprint drafted by the influential conservative think tank, the Heritage Foundation. Reportedly, it is a "wish list" of proposals intended for implementation during Trump's second term. The project also hopes that the president can push for legislation to dismantle the entire Department of Homeland Security and transfer federal cybersecurity agencies to operate under the leadership of the Department of Transportation. Deregulation will become a primary theme of the Trump administration. This could impact the role in formulating cybersecurity regulations for critical infrastructure and may lead to an emphasis on self-regulation.

The new guidelines proposed in the month require critical infrastructure companies to disclose breaches within three days starting from next year. These so-called rules "may also undergo significant modifications to reduce the requirements for reporting cyber incidents and related obligations." This could mean fewer data breach notifications for ransomware incidents and ultimately lower transparency in ransom payments, a problem that security researchers have long considered an issue.

Much of what the United States has done over the past four years, including the formation of an international government coalition that vowed not to pay ransoms to hackers, could become early casualties of a broad government deregulation. The Global Ransomware Task Force established by President Biden has accelerated many law enforcement activities by facilitating information exchange. This situation is likely to disappear, or at least the United States will no longer be a part of it, and reduced intelligence sharing could lead to an increase in ransomware attacks.

Will it cause more confusion?

As attention to regulation wanes, Trump's second term is likely to continue targeting offensive cyberattacks and adopt a more proactive approach to addressing ransomware issues. It is expected that the United States' cyber offensive capabilities will be enhanced, including the increased use of hacker countermeasures. Trump has consistently supported measures aimed at curbing adversaries to U.S. sovereignty and security. This will encompass the use of offensive cyber capabilities and the strengthening of 'hacker counterattack' activities, similar to those collaborations seen over the past few years.

The US government's ongoing efforts to disrupt botnets, command-and-control sites, and malicious software operations have continued in recent years. Targeting ransomware, initial access brokers, cybercrime infrastructure, and quasi-governmental actions will remain a focus.