Over the past 4 years, the U.S. government has made great progress in the ongoing fight against the “ransomware scourge,” as President Joe Biden has described it.

Early in his term, Biden and his administration quickly declared ransomware a national security threat, unlocking recent powers for the military and intelligence agencies. Since then, the United States has successfully disrupted and recovered ransomware infrastructure multi-million ransom paymentsand directed charges and sanctions at some of the most notorious ransomware operators.

Despite government enforcement efforts, the number of cyberattacks targeting U.S. organizations continues to rise, and 2024 shall be one other record 12 months for ransomware. This means that when President-elect Donald Trump returns to office in January, he, too, will inherit a serious ransomware problem.

Although it’s difficult to predict what the next 4 years of cybersecurity policy may appear like, the entire industry is preparing for change.

“It’s hard to say what will happen with policy and regulation in the future because there are so many layers and players involved in the changes,” Marcin Kleczyński, CEO of anti-malware giant Malwarebytes, told TechCrunch. “But I know that cyberattacks will not stop, regardless of who is in office,” Kleczyński said, citing ransomware as the most important problem.

First mixed semester

From a cybersecurity perspective, Trump’s first term as president was a mixed bag. One of Trump’s first (albeit delayed) executive orders after taking office in 2017 required federal agencies to instantly assess cybersecurity threats. Then in 2018, the Trump administration unveiled the U.S. government’s first national cybersecurity strategy in greater than a decade, which led to a more aggressive attribution and shaming policy and a leisure of rules allowing intelligence agencies to “hack” adversaries with offensive cyberattacks.

At the end of 2018, Congress passed the law founding CISAa brand new federal cybersecurity agency tasked with protecting America’s critical infrastructure. The Trump administration tapped Chris Krebs as the agency’s first director, and the then-president fired Krebs two years later in a tweet for saying that the 2020 election – which Trump lost – was “the most secure in American history,” contradicting Trump’s false claims. that the election was “rigged”.

Although cybersecurity hasn’t featured much in Trump’s messages since then, the Republican National Committee, which endorsed Trump for office, said in the 2024 election cycle that the incoming Republican administration will “raise security standards for our critical systems and networks.”

Expect a flood of deregulation

Trump’s push to chop federal budgets as part of a promise to cut back government spending has raised concerns that agencies could have fewer resources available for cybersecurity, potentially making federal networks more vulnerable to cyberattacks.

This is occurring at a time when American networks are already under attack from hostile countries. Federal agencies are warning this 12 months “a broad and merciless threat” by China-backed hackers, most recently raising alarm over the successful infiltration of multiple US telecommunications providers to access real-time call and text message records.

Project 2025, an in depth plan written by the influential conservative think tank The Heritage Foundation, which is claimed to serve “wish list” of proposals to be taken up during Trump’s second term, he also wants the president to push for laws that might eliminate the entire Department of Homeland Security and move CISA under the Department of Transportation.

Lisa Sotto, a partner at U.S. law firm Hunton Andrews Kurth, told TechCrunch that deregulation shall be an overarching theme of the Trump administration.

“This could impact CISA’s role in shaping critical infrastructure cybersecurity regulations, potentially leading to an emphasis on self-regulation,” Sotto said.

Referring to recent guidelines proposed by CISA in March which might require critical infrastructure firms to reveal breaches inside three days starting next 12 months, Sotto said these so-called CIRCIA rules “could also be significantly amended to reduce cyber incident reporting requirements and related obligations.”

This could mean fewer required data breach notifications for ransomware incidents and ultimately less visibility into ransom payments, something security researchers have long cited as an issue.

Allan Liska, a ransomware expert and threat analyst at cybersecurity firm Recorded Future, told TechCrunch in October that much of the exertions the United States has done over the past 4 years, including forming a world coalition of governments committed to not pay the hacker’s ransom, you might turn into an early victim of sweeping government deregulation.

“The Global Ransomware Task Force established by President Biden has accelerated many law enforcement efforts by enabling information sharing,” Liska said. “There is a good chance this will go away, or at least the United States will no longer be a part of it,” he said, also warning of the risk of a rise in ransomware attacks with less intelligence sharing.

Are you tempted to do more disruption?

By reducing the regulatory focus, Trump’s second term could pick up where it left off with offensive cyberattacks and take a more aggressive approach to addressing ransomware.

Casey Ellis, founder of the crowdsourcing security platform Bugcrowd, says he expects offensive cyber capabilities to grow in the U.S., including an increased use of hacking attacks.

“Trump has a history of supporting initiatives aimed at deterring enemies of U.S. sovereign security,” Ellis told TechCrunch.

“I expect this will include the use of offensive cyber capabilities as well as an increase in hack-back activities that we have seen in the partnership between the FBI and the Department of Justice over the last several years,” Ellis said, referring to the government’s efforts in recent times years to counteract botnets, DDoS landing pages and malware. “The type of ransomware, first access broker, cybercrime infrastructure, and quasi-governmental operations previously focused on by the U.S. government will continue to be in the spotlight.”