Incident reporting, ransomware payment legislation faces trouble in Senate

Legislation requiring critical infrastructure owners to report major cyber incidents to the federal government, and mandating that ransomware victims disclose when they make payments, has hit a significant snag in the Senate. A bipartisan group of senators announced a proposal in November that would require critical infrastructure owners and operators to report within 72 hours to the Department of Homeland Security’s Cybersecurity and Infrastructure Agency when they suffer major cyber incidents, as defined by CISA. It also would require reporting of ransomware payments to CISA from a broader set of organizations, excluding only individuals and some smaller businesses, within 24 hours. Advocates hope that by requiring swift reporting of major incidents, federal officials can help reduce the damage more quickly. Gathering intelligence about ransomware payments would help law enforcement and national security officials understand and act on digital extortion trends, officials say. Backers were unable to advance the proposal last […]

The post Incident reporting, ransomware payment legislation faces trouble in Senate appeared first on CyberScoop.

Continue reading Incident reporting, ransomware payment legislation faces trouble in Senate

Two bills seek transparency in ownership of election vendors

Senators introduced a pair of bills Thursday that would crack down on foreign ownership of election systems in the U.S., as the government continues to try to mitigate supply chain risk. Sen. Chris Van Hollen, D-Md., announced the Protect Our Elections Act and the Election Systems Integrity Act, both of which would set restrictions and reporting requirements around foreign ownership and operation of election systems. The former has bipartisan backing, with co-sponsorships from Susan Collins, R-Maine, and Ben Cardin D-Md. The latter is also backed by Cardin and Sen. Amy Klobuchar, D-Minn. The two bills overlap significantly in scope. Asked why they’re separate, a spokesperson for Van Hollen said that one deals with disclosure while the other would issue a ban. The Protect Our Elections Act would outlaw foreign ownership of election systems, specifically ones that deal with voting, tabulation, voter registration and communication systems for election agency. The bill would […]

The post Two bills seek transparency in ownership of election vendors appeared first on Cyberscoop.

Continue reading Two bills seek transparency in ownership of election vendors

Senate Intelligence Committee pushes for improvements to election cybersecurity

The Senate Intelligence Committee on Tuesday published recommendations to improve election infrastructure cybersecurity as the 2018 election season is set to kick into high gear. The effort comes after numerous reports that Russian-linked entities tried to penetrate election systems in the weeks before the 2016 election. “It is clear the Russian government was looking for vulnerabilities in our election systems, ” Sen. Richard Burr, R-N.C., said. “There is no evidence any vote was changed.” The committee urged its peers to “urgently pass legislation” increasing assistance to states to hire technology staff, update software, contract cybersecurity vendors and conduct security audits. “There were 40 states that were operating with election equipment that was a decade old,” said Sen. Mark Warner, D-Va. “Much of that equipment had outdated software you weren’t able to upgrade even if you chose to.” The Senate Intelligence Committee’s number one recommendation is to ensure that states, not the […]

The post Senate Intelligence Committee pushes for improvements to election cybersecurity appeared first on Cyberscoop.

Continue reading Senate Intelligence Committee pushes for improvements to election cybersecurity

Bipartisan bill calls for more coordination between federal, state officials on election cybersecurity

A bipartisan group of senators introduced legislation on Thursday that aims to protect U.S. elections from foreign meddling through cyberattacks, citing reports from the intelligence community that Russia explored such interference in the 2016 election. The bill, called the Secure Elections Act, would facilitate communication among the federal, state and local levels of government on cyberthreats to elections. Specifically, it would require the Department of Homeland Security to expedite security clearances for state election officials to review information on such threats. The legislation also seeks to provide guidelines for how to secure election systems and would provide grants states to implement those guidelines and upgrade their election equipment. The bill would also create a “Hack the Election” program that would allow independent researchers to assess the security of election systems. The provision doesn’t specify whether it would have to be a bug bounty program like the U.S. military’s recent efforts. James Lankford, R-Okla., […]

The post Bipartisan bill calls for more coordination between federal, state officials on election cybersecurity appeared first on Cyberscoop.

Continue reading Bipartisan bill calls for more coordination between federal, state officials on election cybersecurity

Election cybersecurity should be priority for new DHS secretary, senators say

Sens. Amy Klobuchar and James Lankford published a letter on Tuesday asking newly confirmed Homeland Security Secretary Kirstjen Nielsen to make election cybersecurity a priority for her tenure, citing concerns about alleged Russian interference in the 2016 U.S. election. The senators, who are both on the committees for Appropriations, Homeland Security and Intelligence, say there must be more coordination between state and federal agencies to protect elections, which are run by the states, from cyberattacks. “Election security is national security, and our election systems have become a target for foreign adversaries,” Klobuchar, D-Minn., and Lankford, R-Okla., wrote. The Department of Homeland Security in January designated election systems as “critical infrastructure.” Klobuchar and Lankford praised that designation but said that more must be done. They called for improved information sharing on the state and federal levels. Security clearances for state election officials, which would allow them to review classified materials about cyberthreats, should be expedited, the senators said. The senators also said the […]

The post Election cybersecurity should be priority for new DHS secretary, senators say appeared first on Cyberscoop.

Continue reading Election cybersecurity should be priority for new DHS secretary, senators say

Senators introduce election cybersecurity bill to improve information sharing

Two U.S. senators are introducing a bill that aims to increase states’ preparedness for cyber interference in federal elections amid concerns about foreign meddling in the 2016 election, Reuters reported. Sens. Susan Collins, R-Maine, and Martin Heinrich, D-N.M., announced the the Securing America’s Voting Equipment (SAVE) Act on Tuesday, which would authorize the Director of National Intelligence (DNI) to issue security clearances to state officials in charge of running federal elections. The clearance would allow the DNI to share classified intelligence about election threats with those officials. The legislation would also authorize a grant program to let states upgrade their election technology. While the Department of Homeland Security designated election systems as “critical infrastructure” in January, this bill would reiterate that designation as legislation. The DHS last month notified 21 states that their election systems were scanned by Russian hackers looking for vulnerabilities. However some of those states challenged that notion and said their systems were never scanned […]

The post Senators introduce election cybersecurity bill to improve information sharing appeared first on Cyberscoop.

Continue reading Senators introduce election cybersecurity bill to improve information sharing