Sponsored by Monday Properties and written by ARLnow, Startup Monday is a weekly column that profiles Arlington-based startups, founders, and other local technology news. Monday Properties is proudly featuring 1812 N. Moore Street in Rosslyn.
Hacks of infrastructure are on the rise, according to Ballston-based cyber security company Fend, which says the newly passed infrastructure bill with “unprecedented” cybersecurity spending couldn’t come at a better time.
Within the last year, criminals have realized that the business of holding billion-dollar infrastructure systems for ransom is a lucrative one, says Fend’s CEO and Founder Colin Dunn. Companies and government agencies work together to rustle up the ransom sum and put a halt to the chaos these attacks cause, such as the long lines at the pump after the Colonial Pipeline hack.
“They’re out for the money,” Dunn said. “It wasn’t until this year that they realized, ‘Oh, you can hold a pipeline company for ransom and everyone’s going to be really angry.’ I think we’re going to see more of it. Attackers are seeing how weakly defended these major major assets are.”
The $1 trillion infrastructure bill, signed into law last week, includes nearly $2 billion for cybersecurity. About $1 billion will go to state, local, tribal and territorial governments to modernize their systems to deter cyber attacks; $100 million will support a cyber response and recovery fund accessible to private-sector owners of critical infrastructure; and $21 million will go toward staffing the Office of the National Cyber Director, according to a U.S. Senate press release.
Dunn is encouraged by the allocation, as well as similar allocations in the American Rescue Plan Act.
“This is really unprecedented,” Dunn said. “I think the administration has seen these attacks, like the one on Colonial Pipeline… and they’re taking it really seriously, knowing that’s a threat that our enemies and criminals can hold over us — hold billion-dollar assets for ransom.”
Colin Dunn of Fend at an expo this year (courtesy photo)
Having the conversation now — when new infrastructure is set to be built — means that cybersecurity can be embedded from the beginning, rather than retroactively applied after an attack, he says.
“So much of the infrastructure that we are seeing fall under attack… we’ve had to apply cybersecurity way after these facilities were brought online. Now we’re talking about doing that up front,” …….