Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

CISA 2015, ransomware and America’s cyber future: Former FBI official Cynthia Kaiser warns of rising risks

(McCrary Institute)

By Don Kauffman

Chinese espionage campaigns, Russian ransomware gangs, and criminal hackers are converging in ways that put ordinary Americans at risk. Former FBI cyber official Cynthia Kaiser says the U.S. is unprepared if key protections lapse.

Cynthia Kaiser, senior vice president at Halcyon and former deputy assistant director for cyber at the FBI, says a lapse in the Cybersecurity Information Sharing Act of 2015, which expires Sept. 30, would leave the country in the dark, making both businesses and consumers more vulnerable.

“If CISA 2015 lapses, companies may be less inclined or may be less able to share information with the government … and then America would be in the dark,” Kaiser warned on the McCrary Institute’s Cyber Focus podcast, hosted by Frank Cilluffo. She stressed that without liability protections, corporate victims of cyber incidents could shy away from reporting attacks, cutting off critical data that helps the government warn others.

Kaiser tied the warning to the Salt Typhoon breach, in which Chinese hackers accessed data from millions of Americans. Some companies responded exactly as defenders would hope – working openly with the FBI to identify victims and contain the damage. But without CISA 2015, she noted, breach attorneys might advise silence instead of cooperation, leaving the public blind to attacks.

Kaiser argued that the risks of losing CISA 2015 extend far beyond routine cybercrime. Ransomware, she said, is no longer just a criminal shakedown but a geopolitical tool. Iran deployed it in Albania as cover for a long-running espionage campaign, while China has blurred the line between intelligence gathering and disruptive attacks. “As a mom … the Chinese government now has information about who [kids] called, where they were, how long the call was. … It really shows that the Chinese government is indiscriminate,” she said. The indiscriminate nature of these operations, she argued, shows the growing willingness of state actors to target civilians.

For Kaiser, stopping these threats requires more than traditional law enforcement takedowns. She believes industry should be empowered to take a more offensive posture. One example she laid out: Allow licensed companies to trace and reclaim cryptocurrency stolen by ransomware gangs.

“I’d love to be able to repatriate the stolen crypto that criminals have taken from everyday Americans and bring it back to the U.S. … We could bring back so much money, and sanctions would then not just be something on paper,” she said. “… It would actually bankrupt the operations.” By giving private actors clear authority to enforce sanctions in the digital domain, Kaiser argues the U.S. could deprive criminal groups of their profits and tilt the balance of power back toward defenders.

At the same time, Kaiser warned that adversaries are already weaving artificial intelligence into their playbooks, raising the stakes for defenders. AI can accelerate the speed and complexity of cyberattacks, making it harder for governments to mount operations or even keep pace with detection. The window for action, she cautioned, is closing.

Her final point was blunt: Washington must do more than react to adversaries’ moves. It must set boundaries. “We should really just be asking, ‘What are our red lines today, and have we already gone over them?’” she said. Without clearly defined limits, the U.S. risks drifting into a cyber conflict dictated entirely on its enemies’ terms.

This article is based on Kaiser’s interview on the McCrary Institute’s Cyber Focus podcast.
Watch the full episode here.

Click to listen highlighted text!