Collaborate Disseminate
The legislation eventually garnered widespread support on its way to becoming law, but much remains unresolved.
The post The long, bumpy road to cyber incident reporting legislation — and the one still ahead appeared first on CyberScoop.
The report includes three case studies of ransomware attacks against U.S. companies within the past five years.
The post Senate ransomware investigation says FBI leaving victims in the lurch appeared first on CyberScoop.
Continue reading Senate ransomware investigation says FBI leaving victims in the lurch
The Senate passed legislation Tuesday evening requiring critical infrastructure owners to report to the feds when they suffer a major cyberattack or make a ransomware payment — shaking loose a bill that got stuck in the chamber last year. Under the measure, which now moves to the House for potential consideration, those critical infrastructure owners and operators as well as federal agencies would have to disclose a significant incident to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency within 72 hours. The same owners and operators would have to report any ransomware payments to CISA, too, only within 24 hours. Its intent is to give CISA the information it needs to more widely share threat data to help curtail major cyberattacks rippling through key targets, such as what happened in late 2020 when federal contractor SolarWinds suffered a compromise that ended up spreading to federal agencies and major tech […]
The post Proposal for industries to report big cyberattacks, ransomware payments wins Senate approval appeared first on CyberScoop.
Changes in federal cybersecurity leadership over the past year allowed the private and public sectors to quickly work together in responding to the disclosure of the Log4shell bug last month, experts said Tuesday at a Senate hearing. Witnesses at the Homeland Security and Governmental Affairs Committee hearing praised the usefulness of the Joint Cyber Defense Collaborative, a new center launched by the Cybersecurity and Infrastructure Security Agency in August to help federal agencies, the private sector and state and local governments collaborate on cyberthreat response. “Its structure provided a body to scramble a snap call on Saturday afternoon after Log4shell emerged to allow industry competitors act as partners with the government to share raw situational awareness and we must continue building upon this partnership,” said Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks’ Unit 42. The witnesses warned that the fallout from Log4shell — a vulnerability in […]
The post CISA’s new JCDC worked as intended, witnesses say at Senate hearing on Log4Shell bug appeared first on CyberScoop.
Legislation requiring critical infrastructure owners to report major cyber incidents to the federal government, and mandating that ransomware victims disclose when they make payments, has hit a significant snag in the Senate. A bipartisan group of senators announced a proposal in November that would require critical infrastructure owners and operators to report within 72 hours to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency when they suffer major cyber incidents, as defined by CISA. It also would require reporting of ransomware payments to CISA from a broader set of organizations, excluding only individuals and some smaller businesses, within 24 hours. Advocates hope that by requiring swift reporting of major incidents, federal officials can help reduce the damage more quickly. Gathering intelligence about ransomware payments would help law enforcement and national security officials understand and act on digital extortion trends, officials say. Backers were unable to advance the proposal last […]
The post Incident reporting, ransomware payment legislation faces trouble in Senate appeared first on CyberScoop.
Continue reading Incident reporting, ransomware payment legislation faces trouble in Senate
U.S. cybersecurity officials are seeking to put their stamp on cyber incident reporting legislation, wading into debates on Capitol Hill about questions like how swiftly companies must report attacks to federal agencies — and what happens if they don’t. The head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency testified at a Senate hearing Thursday in favor of requiring critical infrastructure owners and operators, federal contractors and agencies to report attacks to CISA within 24 hours of detection. There are three leading proposals in Congress, each with a different timeframe for reporting attacks. The leaders of the Senate Intelligence Committee favor a 24-hour deadline. A draft bill from leaders of the Senate Homeland Security and Governmental Affairs Committee would set the range at between 72 hours and seven days, as determined by CISA. And a draft from leading members of the House Homeland Security Committee proposes leaving […]
The post Biden administration officials push Congress to shape breach reporting mandates appeared first on CyberScoop.
Continue reading Biden administration officials push Congress to shape breach reporting mandates
Seven months into Joe Biden’s presidency, an administration confronting several cybersecurity crises finally has a permanent director en route to take over one of the top few cyber posts in the federal government. The Senate on Monday confirmed Jen Easterly as director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency by voice vote. Once she’s sworn in, Easterly — the departing head of Morgan Stanley’s Fusion Resilience Center and a former White House and National Security Agency official — will be busy with the aftermath of a spree of ransomware attacks that have attracted the attention of policymakers like none before. They include incidents at fuel supplier Colonial Pipeline, meat processor JBS and software company Kaseya, where a compromise opened the door for attackers to claim perhaps thousands of victims. In the early months of the Biden administration, officials also have contended with a cyber-espionage operation that […]
The post Senate confirms former White House, NSA official Jen Easterly as CISA director after delay appeared first on CyberScoop.
Senate Intelligence Chairman Mark Warner is sharing draft bipartisan legislation that would require critical infrastructure owners, cybersecurity incident response firms and federal contractors to report cyber intrusions to the Homeland Security Department within 24 hours. It’s one of the earliest bills to respond a spate of attacks that began with the SolarWinds breach and continued on through the Microsoft Exchange hack and ransomware incidents at Colonial Pipeline and meat supplier JBS. It won’t be the last, either in the House or Senate. Warner has been pushing the idea for months. At a February hearing of Warner’s committee the Virginia Democrat, other senators and witnesses from SolarWinds, Microsoft and FireEye discussed the thought Warner had been floating. The fear was that if FireEye hadn’t voluntarily disclosed that it was a victim of the SolarWinds supply chain hack that compromised nine federal agencies and many technology companies, the damage would’ve been more severe. […]
The post Senate bill proposes requiring cyber incident notification to feds within 24 hours appeared first on CyberScoop.
Continue reading Senate bill proposes requiring cyber incident notification to feds within 24 hours
It’s been two months since President Joe Biden announced his two most important Senate-confirmed cybersecurity picks: Jen Easterly to lead the Department of Homeland Security’s cybersecurity agency, and Chris Inglis to be the national cyber director. During that time, ransomware attacks have forced temporary shutdowns of a major fuel pipeline and a big meat supplier, and Biden has signaled he will raise the issue of harboring criminal hackers in a meeting next week with Russian President Vladimir Putin. Americans got their closest look yet of how Inglis and Easterly would approach those pressing issues during a Senate confirmation hearing Thursday. The nominees labeled ransomware a “scourge” that threatens national security, vowed to work with critical infrastructure firms to improve their defenses, and wondered aloud if additional federal regulations were necessary to incentivize firms to reduce their vulnerabilities to hacking. The U.S. government, Inglis said, must “seize back the initiative that […]
The post Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat appeared first on CyberScoop.
Colonial Pipeline did not have guidance in place on how to handle a ransom demand from cybercriminals who locked up its systems, its CEO testified in a hearing before the Senate Homeland Security and Governmental Affairs Committee Tuesday. The company’s failure to prepare explicitly for a ransomware attack — despite warnings from Homeland Security Department’s Cybersecurity and Infrastructure Security Agency as early as February 2020 about the risk of such attacks against the pipeline industry — underscores growing concerns from lawmakers that the critical sector needs tighter regulations when it comes to cybersecurity. “We have an emergency response process: See the threat, contain the threat, remediate the threat, and restore,” Colonial Pipeline CEO Joseph Blount said in response to a question from Sen. Maggie Hassan, D-N.H. about ransomware-specific guidance. “So in this case, you use the same process, but you use a different set of experts.” Hassan chastized Blount’s response, […]
The post Colonial Pipeline CEO says company didn’t have plan for potential ransomware attack appeared first on CyberScoop.
Continue reading Colonial Pipeline CEO says company didn’t have plan for potential ransomware attack