US critical infrastructure owners are to be required to report all future cyberattacks and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA).
Companies who fail to report the cybercrimes within the agreed upon time frame could risk being taken to court, or even be faced with an investigation by the Justice Department.
As the US continues to provide support to Ukraine, the landmark bill is part of a wider effort from the Biden administration to defend the country's digital infrastructure against threat of Russian cyberattacks.
The US is Toughening its Cyber Defences
If your company is critical to US national interests, keeping data breaches under wraps is no longer an option.
The new rule requires selected companies, such as those operating in the finance, transportation or energy sectors, to report ransomware payments to CISA within 24 hours, and substantial cyberattacks within three days.
“This information will fill critical information gaps and allow us to rapidly deploy resources, render assistance to victims suffering attacks (and) analyze incoming reporting across sectors to spot trends” – Jen Easterly, Director of CISA
The bipartisan piece of legislation was approved by Congress last week, and is part of the Senate's $1.5 trillion funding bill that aims to give the government greater insight into the current threats facing US businesses. In return for reporting serious instances of cybercrime, the provision seeks to help businesses reduce the impact of these online attacks, and prepare for breaches that may occur in the future.
Complying with the rule is mandatory, and if companies fail to report an incident they could be subjected to a subpoena or possibly an investigation from the United States Department of Justice.
The Cybercrime Bill Faces Backlash from the FBI
While many experts are painting the bill as an historic development in the US's cybersecurity response, after the legislation was passed last week the Federal Bureau of Investigation (FBI) was quick to voice its concerns.
Speaking at an event at the University of Kansas, FBI Director Christopher Wray expressed that this bill may unnecessarily complicate the laws response to cybercrimes, explaining “We want one call to be a call to us all.”
“What’s needed is not a whole bunch of different reporting but real-time access by all the people who need to have it to the same report. So that’s what we’re talking about, not multiple reporting chains but multiple access, multiple contemporaneous action, to the information” he continued.
The lawmakers behind the piece of legislation have since responded to these comments, claiming that the FBIs liability concerns have been addressed in the final edition of the bill.
US Businesses Continue to Brace For Russian Cyberattacks
The senators behind the bill, Rob Portman and Gary Peters, believe it's a necessary measure to counter potential threats directed from the Russian government.
This comes at a time where Russia continues to play out its war online, using it's robust cyber capabilities to target Ukrainian computer networks with customized, malicious malware.
While most of the US has remained largely exempt from Russia's cyber might so far, the nation's biggest financial institutions haven't been so lucky. Banking giants including JP Morgan, Goldman Sachs, Citigroup and Bank of America have suffered repeated attacks on their infrastructures, with executives claiming that the latest waves of attempted breaches have felt different.
With the severity of these attacks escalating after sanctions against Ukraine were announced, it's assumed that they represent a direct retaliation from the Russians.
These developments come after Russian hackers were found guilty of shutting down the US's biggest fuel pipeline in 2021 – in a move that caused gas stations along the East Coast to run dry for days.
In response to the growing threats of international cybercrime, the White House recently instructed US companies to brace themselves for potential attacks. In an online statement released on the 8th of March, Deputy National Cyber Security Advisor Anne Neuberger urged private businesses to exercise due caution, citing the rise of global ransomware attacks as the reason.
How Can My Business Protect Itself?
Unfortunately, the threat of foreign and domestic cyberattacks isn't disappearing anytime soon. But by taking preventative action, you can strengthen your company's defences and achieve some precious peace of mind.
If you don't already use antivirus software, now is the time to start. Not only can it protect your systems against hackers and data thieves, it also blocks spam and unwanted adverts to limit unwanted distractions.
Password managers can also be used to help you store your passwords security. This is especially effective way to lower the threat of Russian state-sponsored APT (Advanced Persistent Threat) actors that have been able to access classified servers by cracking weak passwords.
For more ways to stay safe online, check out our vital cybersecurity advice.