Incident reporting, ransomware payment legislation faces trouble in Senate

Legislation requiring critical infrastructure owners to report major cyber incidents to the federal government, and mandating that ransomware victims disclose when they make payments, has hit a significant snag in the Senate. A bipartisan group of senators announced a proposal in November that would require critical infrastructure owners and operators to report within 72 hours to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency when they suffer major cyber incidents, as defined by CISA. It also would require reporting of ransomware payments to CISA from a broader set of organizations, excluding only individuals and some smaller businesses, within 24 hours. Advocates hope that by requiring swift reporting of major incidents, federal officials can help reduce the damage more quickly. Gathering intelligence about ransomware payments would help law enforcement and national security officials understand and act on digital extortion trends, officials say. Backers were unable to advance the proposal last […]

The post Incident reporting, ransomware payment legislation faces trouble in Senate appeared first on CyberScoop.

Senate fails to confirm new CISA director before two-week break, drawing criticism

The Senate’s failure to confirm a new director for DHS’s top cybersecurity agency before the chamber goes on a two-week recess has raised ire from cybersecurity leaders who say the role is too important to leave unfilled. President Joe Biden nominated Jen Easterly, a former U.S. National Security Agency official, for CISA director and Chris Inglis as national cyber director in April. The Senate confirmed Inglis last week. Easterly will be tasked with leading the agency at a critical time for U.S. cybersecurity. The agency is still dealing with the aftermath of a high-profile Russian hack of nine federal agencies. It also faces a growing ransomware crisis, including recent high-profile attacks on fuel provider Colonial Pipeline and meat supplier JBS. “It’s completely irresponsible for Republicans to block Jen Easterly’s confirmation and delay getting her on the job at a time when we need all hands on deck to protect against […]

The post Senate fails to confirm new CISA director before two-week break, drawing criticism appeared first on CyberScoop.

Why is DJI getting the Huawei treatment?

While a big portion of the current trade war is focused on tech giant Huawei, another company based in China has been battling U.S. government claims that its products present national security concerns. SZ DJI Technology, the world’s largest commercial drone maker, is facing a ban from all U.S. military purchases over cybersecurity concerns and allegations of links to the Chinese government. But while the company has long been accused of security issues — a threat level nudged up to a “national security threat,” as one Senate staffer told CyberScoop — few supporting details have emerged. There is no public evidence showing a link between mass swaths of U.S. user data falling into the hands of Chinese intelligence services, as has been suggested in congressional testimony and a public intelligence report from Immigration and Customs Enforcement. But concerns over government use of commercial drones continue as the company moves to […]

The post Why is DJI getting the Huawei treatment? appeared first on CyberScoop.
