Federal agencies and critical infrastructure owners and operators may need to change how they respond to cyber attacks. The U.S. Congress passed new legislation mandating they report attacks within 72 hours. In addition, it requires them to report ransomware payments within 24 hours.

Provision Impacts 16 Critical Infrastructure Sectors

This new federal legislation was also influenced by the ongoing war in Ukraine. The Strengthening American Cybersecurity Act was first approved by the Senate in early March. Later, house lawmakers packaged the reporting clause into a larger omnibus spending bill. The Senate also passed this by a large margin earlier this month. The new bill now awaits President Joe Biden’s signature for approval.

The legislation targets organizations across 16 federally designated critical infrastructure sectors, including energy, financial, manufacturing and health care services. The larger omnibus bill includes some $14 billion in emergency assistance to Ukraine in its defense against Russia, with lawmakers often citing the rise of cyber threats in the conflict.

The provision includes further assistance for the departments of Defense, State, Justice, Treasury, Commerce and others. They will receive technological and continuity-of-government aid, which includes IT infrastructure and cybersecurity services.

Bipartisan Support During Ukraine Conflict

U.S. Senators Gary Peters (D-MI) and Rob Portman (R-OH), chairman and ranking member of the Homeland Security and Governmental Affairs Committee, authored the bipartisan mandate.

In a statement, Senator Peters said, “Critical infrastructure operators defend against malicious hackers every day, and right now, these threats are even more pronounced due to possible cyber attacks from the Russian government in retaliation for our support of Ukraine. It’s clear we must take bold action to improve our online defenses. This provision will create the first holistic requirement for critical infrastructure operators to report cyber incidents so the federal government can warn others of the threat, prepare for widespread impacts and help get our nation’s most essential systems back online so they can continue providing invaluable services to the American people.”

If signed by President Biden, the legislation would amend federal government cybersecurity laws to strengthen teamwork between federal agencies, require the federal government to adopt a risk-based approach to cybersecurity and require civilian agencies to report all cyberattacks to the Cybersecurity and Infrastructure Security Agency (CISA) within strict time limits. It would require reporting of cyber incidents to be completed within 72 hours and ransomware payments within 24 hours.

The provision also gives CISA the authority to subpoena entities that fail to report cyber attacks or the payment of ransomware. Meanwhile, it will oblige CISA to sponsor a program to alert agencies of exploitable vulnerabilities connected with ransomware. CISA Director Jen Easterly will establish a joint ransomware task force to organize the federal efforts.

Cybersecurity Game Changer

Commenting on the passage of the mandate, Easterly took to Twitter to say, “Thrilled to see that the cyber incident reporting legislation has passed! This bill is a game-changer & a critical step forward for our Nation’s cybersecurity. As the nation’s cyber defense agency, it will help @CISAgov better protect our networks & critical infrastructure.”

Easterly also commented that CISA will use incident reporting to render assistance to victims suffering attacks, analyze reporting to spot trends across sectors and quickly share information with network defenders to warn potential victims and help prevent further attacks.

More from News

More School Closings Coast-to-Coast Due to Ransomware

Instead of snow days, students now get cyber days off. Cyberattacks are affecting school districts of all sizes from coast-to-coast. Some schools even completely shut down due to the attacks. The federal government recently warned that K-12 schools face a growing threat from cyber groups. According to the FBI, school districts often have limited cybersecurity protections, which makes them even more vulnerable. The FBI also says it anticipates the number of threats to increase. In a recent warning, the nation’s…

Hackers are Increasingly Targeting Auto Dealers

Auto dealerships are increasingly concerned with cybersecurity in the face of new regulations and an alarming rise in cyberattacks. The Second Annual Global State of Cybersecurity Report by CDK Global found that 85% of dealerships say cybersecurity is very or extremely important relative to other operational areas. Additionally, 89% say cybersecurity is more important than last year, a 12% increase. Not surprisingly, only 37% of auto retailers are confident in the current protection, which is a 21% decrease from 2021.…

LastPass Breaches Cast Doubt on Password Manager Safety

In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a wider conversation about the risks linked to utilizing password managers. A password manager helps users generate strong passwords and safeguards them within a digital locker. A master password secures all data, which enables users to conveniently access all their passwords…

Good Guys Decrypt Ransomware Targeting Charitable Groups

Imagine you’re an IT manager amid a ransomware attack. While your team scrambles for solutions, the intruders demand a ransom. Of course, you don’t want to pay; you just want your files back. But as time ticks by and the extortionists turn up the heat, your bosses are about to give in and pay the ransom. But then, the FBI calls. “Don’t pay,” the agent says. “We’ve found someone who can crack the encryption.” Sound too good to be true?…