Financial institutions critical to U.S. national interests will now have to report substantial cyber assaults and ransom payments to the federal government, an Associated Press report said, under a bill passed by Congress and expected to be signed by President Joe Biden.
The move comes amid the escalating war in Ukraine and concerns of possible Russian cyber threats to the U.S. firms. Last year, multiple private and government organizations were jolted by a series of high-profile digital espionage campaigns and disruptive ransomware attacks. The reporting will provide federal government much greater visibility into hacking efforts that target private firms, which often have skipped going to the FBI or other agencies for assistance.
The reporting requirement was approved by the House and Senate on Thursday. It is expected to be signed into law by President Biden soon. “It’s clear we must take bold action to improve our online defenses,” stated Sen. Gary Peters, a Michigan Democrat who leads the Senate Homeland Security and Government Affairs Committee.
AP wrote that the new rules require any entity considered part of America’s critical infrastructure, including finance, transportation, and energy, to report any “substantial cyber incident” within 72 hours, and any ransomware payment they make within 24 hours, to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
According to Heather Hogsett, a senior leader of the Bank Policy Institute’s technology policy division, the 36-hour notices of service disruption “allow bank regulators to keep a pulse on what is happening in the country’s financial services industry” while the 72- and 24-hour notices to CISA will allow the agency to “produce reports about threat actors and provide early warning of potential attack vectors.”
In recent years ransomware attacks have flourished beyond expectation and have targeted multiple high-profile organizations. Last year, the ransomware operators targeted the biggest U.S. fuel pipeline and the world’s biggest meat packing company.
The state hackers based in Russia and China have had success in spying on and hacking U.S. targets, including those that are deemed critical infrastructure, Reuters reported.
Security experts and government officials are concerned that Russia's war in Ukraine has increased the threat of cyberattacks against U.S. entities, by either state or proxy actors. Many ransomware operators live and work in Russia.
“As our nation rightly supports Ukraine during Russia’s illegal unjustifiable assault, I am concerned the threat of Russian cyber and ransomware attacks against U.S. critical infrastructure will increase. The federal government must be able to quickly coordinate a response and hold these bad actors accountable," said Sen. Rob Portman, a Republican from Ohio.