Cybersecurity officials call on Congress to force private companies to disclose ransomware attacks

Federal cybersecurity officials on Tuesday called on Congress to pass new laws that would force businesses and organizations to disclose ransomware attacks, an indication of the growing urgency of countering the problem of hacks.

Mandatory disclosure of ransomware attacks on private entities to federal authorities would allow the government to better track hacks, catch the perpetrators, and prevent future attacks, said Richard Downing, a top official in the criminal division at the Justice Department. He testified Tuesday before the Senate Judiciary Committee alongside Eric Goldstein, the executive assistant director for cybersecurity for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.

Despite cyberattacks being a common problem in the past decade, it is the recent series of massive attacks on the computer systems of the federal government, the Colonial Pipeline, and the meat producer JBS that have brought mainstream awareness to the need for increased cybersecurity protections within governments and businesses.

PANDEMIC WORK-FROM-HOME HELPED CREATE SURGE IN RANSOMWARE ATTACKS

At the hearing Tuesday, the officials said that mandatory disclosure requirements should include details of any ransom demands or payments made to private entities.

"Mandatory reporting of data breaches and attacks is the big thing we're looking for from Congress," Goldstein told the Washington Examiner.

He added that the $20 million response and recovery fund that the DHS has requested to provide additional cybersecurity assistance to local governments and private entities would be a "critical step forward for us."

CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER

The Cyber Response and Recovery Act, a bipartisan bill introduced in April by Democratic Sen. Gary Peters of Michigan and Republican Sen. Rob Portman of Ohio, would create the Cyber Response and Recovery Fund and would provide better coordination between federal and nonfederal actors trying to respond to serious cyberattacks or breaches.

Additionally, the House Energy and Commerce Committee passed eight bipartisan bills last week to better equip the government and businesses with tools to handle the recent explosion in ransomware attacks.

Comments are closed.