Ransomware

CISA Requests Input on Terms Already Defined by Incident Reporting Law

The agency is embarking on a rulemaking process to implement the law, which requires those who make ransomware payments to report them to the government. 

Congressional Commission Probes HHS Capability to Address Health Sector Ransomware Attacks

The oversight group wants more detailed information on the HHS’ cyberdefenses as digital networks for critical infrastructure remain a target for malicious actors.

Ransomware Hackers Will Still Target Smaller Critical Infrastructure, CISA Director Warns

CISA Executive Director Brandon Wales discussed how ransomware actors target companies of all sizes, and how CISA wants organizations to prevent zero-day events.

Justice Recovered $500K for Victims, Traced Ransomware Payments to China

The announcement emphasizes the department’s new strategy to address cyber threats, which also includes enforcing financial penalties for federal contractors misrepresenting their cyber defenses.

North Korea Behind Manually Executed Ransomware Attacks, Federal Agencies Say

Officials are connecting the “Maui” ransomware to attacks on the public health sector over the past year. 

House Panel Passes RANSOMWARE Act to Get FTC Reports on Cross-Border Work

The Energy and Commerce subcommittee also forwarded a bipartisan privacy and data security bill to the full committee but—lacking support from Senate leadership—that legislation appears dead in the water.

Justice Pursues Collaboration to Fight Cyber Crime with EU Member States

Under an executive order on the responsible development of digital assets, the department recently recommended the U.S. deepen its investment in international organizations to counter ransomware and other illicit activity.

Trackers Say Sanctions Against Crypto Exchanges Are Working in Ransomware Fight

One witness testifying before the Senate Homeland Security and Governmental Affairs Committee called for greater international enforcement against money laundering.

Senate Report Highlights Lack of Government Data on Ransomware Payments

A new report details the role cryptocurrencies play in incentivizing ransomware attacks and the government’s response.

Transportation Proposes Near $1M Fine for Colonial Pipeline One Year After Hack

The firm has 30 days to respond with evidence contesting the agency’s allegation of safety violations.

Financial Regulator Says Use of Crypto Helps—not Hurts—Ransomware Investigations

Senators left and right are using the Colonial Pipeline hack and Russia’s invasion of Ukraine as reasons to both regulate and avoid regulating cryptocurrencies.

Cyber-Incident Reporting Legislation Clears House in Bipartisan Spending Bill

The bill, attached to government funding legislation, now moves to the Senate, which recently passed the same incident reporting provisions separately by unanimous consent.

Russia-Ukraine Conflict Could Push Major Cybersecurity Legislation Past Finish Line

The threat of Russian retaliation against the west is front-of-mind with Senate passage of key bills to require reports of ransomware payments and other cybersecurity incidents to the government, overhaul FISMA and codify FedRAMP. 

Ransomware Attacks Exploded in Number and Scale in 2021, Per Cyber Firm

A new Crowdstrike report describes a dramatic increase in activity from both criminal and smaller nation-state groups.

FBI: Ransomware Attackers Have Code to Halt Critical Infrastructure

Monitoring remote access technology will be especially important for limiting the reach of malicious actors, allied cybersecurity agencies said in a report on trends they’ve observed over the last year in a booming ransomware industry.

New Cyber Safety Board Pivots to Tackle log4j Vulnerabilities

The DHS body’s primary focus will be on addressing vulnerabilities in the commonly used log4j software library, but will also incorporate findings on the ‘SolarWinds’ hack.

The U.S. is Working to Improve Ukraine’s Cyber Defenses in the Face of Russian Threat

The prospect of a cyberattack amid heightened regional tensions creates a stark contrast against delicate diplomatic efforts the U.S. is pursuing to thwart ransomware criminals officials say are operating out of Russia.