National

Gaining momentum behind legislation to protect infrastructure from ransomware and cyberattacks

The recent surge in cyberattacks has taken responsibility between private sector and federal agencies to ensure that such incidents do not damage critical infrastructure such as fuel, electricity and water, and cause significant economic damage. Caused a game of blame for truly bearing.

Most notably, whether a ransomware attack on the Colonial Pipeline stopped the flow of gasoline across the southeast in May for more than a week, requiring private companies to warn the government of computers. A new spotlight has been put on the long-standing discussions of. The system has been compromised by a hacker.

Sector companies have a variety of reasons, from the desire to limit government intrusion into their proprietary data territory, to concerns about the reputational damage that hacking incidents can bring to companies when they get a lot of media attention. We have been lobbying for these requirements for a long time.

However, such concerns are increasingly being put off as public awareness of the threat of hacking grows. Also, more active cooperation between the private sector and federal agencies such as the FBI and the Department of Homeland Security is needed to prevent the worst cyber incidents of the future.

Bipartisan momentum has led to the enactment of so-called “reporting obligations” legislation, increased government authorities in hacking investigations, and increased federal court penalties for individuals convicted of cybercrime, according to Capitol Hill sources. It is said that it is rising behind the bill that is being sought. ..

According to industry insiders, private companies are quiet when hackers attack, regardless of whether a particular company’s computer system or employees are ready to stop the attack or respond to the attack. The time has come to be able to keep up. At the end.

“We need to create a government task force that private companies at all levels working on critical infrastructure need to call and be notified if they are hacked,” said RB Advisory’s founder and CEO. Regine Bonneau said. A Florida-based company that helps companies develop cyber risk management solutions in a variety of industries.

If such requirements are not met, the current environment surrounding cyberattacks is one of the “chaos”, Bonault told The Washington Times.

“We’re currently in turmoil because we’re more responsive than aggressive,” she said. “At this point, the government is unaware of the extent of ransomware attacks on private sectors. Or the extent to which those attacks are affecting those companies. “

Other experts say that the Colonial Pipeline attack and last year’s SolarWinds hack (both blamed on Russia-backed cybercriminals) were once solid between private sector and US government cybercriminals. Down that caused the turning point where the wall began to collapse.

“This is an idea that suddenly swept Washington. If a company has a serious incident, we need to tell the government about it,” said a former National Security Agency (NSA) legal counsel and Ministry of Homeland Security. Stewart Baker said. Currently, a policy officer practicing technical law at the private company Steptoe & Johnson.

“But it’s not fully adopted at this time,” Baker, who hosts the weekly Steptoe Cyberlaw podcast, told the Times, “The industry is very cautious about sharing something with the government. Is … this is collapsing in the face of recent crises, primarily related to ransomware. “

Senator Susan Collins, a Republican in Maine, has been spreading the law for almost a decade with the aim of facilitating stronger communication between private sector and federal agencies on cyberattacks. But that effort has never seen bipartisan momentum.

A major cybersecurity bill submitted by Mrs. Collins and former Senator Joe Lieberman, who became independent of Connecticut in 2012, is more conservative, fearing the law will open new government-regulated sluices and increase private costs. Companies blocked by traditional Republican supporters demand that they meet bureaucratic cybersecurity standards.

The new urgency of ransomware attacks seems to have alleviated these concerns. Parliamentarians from both parties are circulating a bill that is far more advanced than the one proposed in 2012.This is also a requirement for companies to report hacking cases and open networks to federal agents, even from the perspective of standards industry proposals.

A bill submitted by Virginia Democratic Senator Mark Warner in mid-July and co-sponsored by Florida Republican Mrs. Collins and Senator Marco Rubio is a private owner or operation of all federal contractors and critical infrastructure. You will need someone. , And non-governmental agencies that provide cybersecurity incident response services, warn the government in the event of any cyberattack.

The law is broad in that it refers to the Critical Infrastructure Protection Act of 2001, which is very important to the United States, whether physical or virtual, for critical infrastructure. It is defined as “systems and assets that the incapacity or destruction of such systems and assets would result.” Debilitating effects on security, national economic security, national public health or security, or any combination of these issues. “

The bill requires businesses to report to the Cyber ​​Security and Infrastructure Security Agency (CISA) within the Department of Homeland Security within 24 hours of the hacking incident. Each year, the agency itself must submit to Congress a report outlining the status of attacks that struck critical infrastructure companies in a particular year, “in a categorized format as needed.”

Some consider these changes to be the renewal of the CISA and are the most responsible institutions for communication with the private sector. CISA has lost the leadership confirmed by the Senate since last year when former President Trump dismissed his director, Christopher Krebs, after issuing a statement challenging Mr. Trump’s allegations of fraud in the 2020 presidential election. ..

President Biden has nominated Jen Easterly, the former director of the NSA’s counter-terrorism center, as the leader of the CISA, but her nomination has not yet been confirmed by the Senate.

It’s still unclear whether more conservative Republicans will postpone the requirement for businesses to report cyberattacks to the government, but many GOPs have an incentive to adopt some form of aggressive cyber law. There are signs. In mid-June, Republican South Carolina Senator Lindsay Graham and Republican North Carolina Senator Tom Tyris, with the support of Senator Richard Blumentor of Connecticut and Sheldon Whitehouse of Road Island, government officials. We have resubmitted the 2018 bill for expansion.In a hacking survey

In a statement, lawmakers said that international cybercrime prevention laws have increased the power of federal investigators to seize property from hacker suspicions, the so-called “botnet” (a network of malware-infected computers used in cyber attacks). Said that it would be possible to “easily counteract and destroy”. .. The bill also “causes new criminal offenses for individuals who deliberately target critical infrastructure such as dams, power plants, hospitals and election infrastructure,” lawmakers said.

How would such a law affect the FBI’s ability to investigate international hacking groups such as the Russian-based organization Dark Side, which U.S. officials say they carried out a colonial pipeline attack? It is unknown if there is a possibility.

In a recent interview with the Times, law enforcement and intelligence agencies, the Byden administration argued that it should take more aggressive steps through sanctions and U.S.-sponsored counterattacks against groups like the Dark Side. He emphasized the relationship between various organizations and Russian intelligence agencies. Pressure Moscow to stop supporting such groups.

William F. Evanina, director of the recently retired Office of the National Counterintelligence Security Center and former chief of the CIA’s counterintelligence group, told the Times this month that ransomware attacks such as attacks on the Colonial Pipeline were the United States of Russia’s President Vladimir Putin. Economic power that said it fits into a strategy that undermines Russia’s democracy.

“The Kremlin can shut it down in a blink of an eye if needed,” Evanina said of the hacking operation.

At the same time, Evanina emphasized the need to dramatically expand information sharing between US private sectors and federal agencies. “We must have the ultimate public-private partnership here,” he said.

Mr Bonault said private sector needs to be more transparent in order to facilitate faster and more aggressive cyber forensic investigations by federal agencies.

“Government agencies are aware of cyberattacks on private sectors only if the company provides information about the hack, or if someone else publishes the company,” she said. “If a company is hacked, it needs to be reported so that government agencies can better understand the evolving threat.”

Meanwhile, Baker said most of the intelligence and defenses against cyberattacks at this time are in the hands of private companies that are “not in close contact with the government.”

Federal agents have a “surprisingly good handle” on how hackers work and what their capabilities are based on real-time observations and investigations of hacks on government networks, but be warned. “There is a real blind spot,” he said. Look inside the private network.

“Therefore, the government does not have deep insight into what is happening inside much. [private] It’s a network, and it’s not clear how to achieve it without changing the relationship between government and industry, “says Baker. “It’s a difficult problem, but here’s the true seam of defense against cyberattacks.”

Sign up for our daily newsletter



Gaining momentum behind legislation to protect infrastructure from ransomware and cyberattacks

Source link Gaining momentum behind legislation to protect infrastructure from ransomware and cyberattacks

Back to top button