Senators Try to Get Tough On Rise in Cybercrime

June 17, 2021 by Tom Ramstack

WASHINGTON — A group of U.S. senators responded Thursday to recent ransomware attacks by introducing legislation to impose new tactics and harsh penalties on cyberattackers.

They pinned much of the blame on Russia, despite denials a day earlier by Russian President Vladimir Putin.

“The Russians do know about it,” said Sen. Richard Blumenthal, D-Conn., during a Capitol Hill press conference.

He said the legislation, called the International Cybercrime Prevention Act, would demonstrate to Putin that the consequences for cyberattacks “go both ways.”

The senators discussed the Colonial Pipeline and JBS S.A. ransomware attacks as prime examples of why new legislation is needed.

On May 7, Colonial Pipeline Co. ‘s system that carries gasoline and jet fuel from Houston to Southeastern states was shut down by a ransomware attack traced to a criminal gang in Russia. The company paid a $4.4 million ransom, much of which was recovered by the FBI. The pipeline resumed operations on May 12.

In the JBS case, a ransomware attack shut down the meat processing company’s operations in the United States and Australia from May 30 to June 2. JBS paid the Russian hackers an $11 million ransom in Bitcoin.

The senators also mentioned the 2020 SolarWinds attack as a motivation for striking back with new authorizations for the Justice Department. 

SolarWinds was a major cyberattack traced to a group backed by the Russian government. It penetrated computers from thousands of organizations worldwide, including U.S. government agencies.

In essence, the International Cybercrime Prevention Act would extend law enforcement tactics typically used against organized crime to cyberattackers, even if they are foreign-based. It is designed primarily to protect critical infrastructure, such as dams, power plants, hospitals and election systems.

Until now, prosecutors were largely limited to obtaining injunctions against persons believed to be involved in cybercrime. The new Senate bill would authorize broader surveillance of potential hackers.

It would allow the Justice Department to seize the kind of spyware and equipment used by cybercriminals to identify and attack victims.

It also would impose tough penalties against persons who help them, even if they are not themselves the hackers.

Although the bill does not specifically mention counterattacks by the U.S. government, senators who spoke at the press conference left a clear impression they were coming.

“This law goes after the criminal syndicates but we also have to go after the host country,” said Sen. Lindsey Graham, R-S.C.

He said that if private companies that operate infrastructure are unable to protect their networks, the federal government would help them.

“Clearly the private sector has not done its job,” Graham said.

He acknowledged that until now, the U.S. government might also have overlooked its responsibilities.

“In 2021, the Department of Defense does not have a definition for a cyberattack against the United States,” Graham said.

Although the senators gave no details of potential U.S. counterattacks, President Joe Biden told the media he is weighing options.

In addition, Defense Secretary Lloyd Austin said in a CNN interview last month that the United States has the “capability to conduct offensive operations” but he did not explain the strategy.

Putin said during a summit meeting with Biden Wednesday that he does not want a return to the Cold War. However, he added during a press conference, “Most of the cyberattacks in the world are carried out from the cyber realm of the United States.”

In The News

Health

Voting

Cybersecurity

Government Takes Helm on Cybersecurity As Ransomware and Spying Threats Grow
Cybercrime
Government Takes Helm on Cybersecurity As Ransomware and Spying Threats Grow
July 20, 2021
by Tom Ramstack

WASHINGTON -- As the international blame game over ransomware heats up this week, the U.S. government is scrambling for solutions with increasingly combative strategies. Legislation that won tentative approval in Congress on Monday anticipates a bigger role for the U.S. government in overseeing cybersecurity of critical... Read More

China Rejects Hacking Charges, Accuses US of Cyberspying
Geopolitics
China Rejects Hacking Charges, Accuses US of Cyberspying

BEIJING (AP) — China on Tuesday rejected an accusation by Washington and its Western allies that Beijing is to blame for a hack of the Microsoft Exchange email system and complained Chinese entities are victims of damaging U.S. cyberattacks. A foreign ministry spokesman demanded Washington drop... Read More

Threats of Cyberattack Loom as Space Assets Not ‘Critical Infrastructure’
Think Tanks
Threats of Cyberattack Loom as Space Assets Not ‘Critical Infrastructure’
July 19, 2021
by Kate Michael

WASHINGTON — Despite our reliance on space technology for things like communication, transportation, food, and health care — not to mention national security — our national space assets aren’t officially designated as critical infrastructure. Humanity is already dependent on space, but neglecting to protect space technology... Read More

US, Allies Accuse China of Backing Cyber Attacks Worldwide
Cybercrime
US, Allies Accuse China of Backing Cyber Attacks Worldwide
July 19, 2021
by Dan McCue

The United States, NATO and several allies collectively called out China on Monday for a series of malicious cyber- and ransomware attacks, including a March attack that exploited a flaw in Microsoft's Exchange Server. Monday’s announcement, which followed a conference call with White House reporters Sunday... Read More

$10 Million Rewards Bolster White House Anti-Ransomware Bid
Cybersecurity
$10 Million Rewards Bolster White House Anti-Ransomware Bid

BOSTON (AP) — The State Department will offer rewards up to $10 million for information leading to the identification of anyone engaged in foreign state-sanctioned malicious cyber activity against critical U.S. infrastructure — including ransomware attacks — and the White House has launched a task force... Read More

Biden: US Damage Appears Minimal in Big Ransomware Attack
Cybercrime
Biden: US Damage Appears Minimal in Big Ransomware Attack

WASHINGTON (AP) — President Joe Biden said Tuesday that damage to U.S. businesses in the biggest ransomware attack on record appears minimal, though information remained incomplete. The company whose software was exploited said fewer than 1,500 businesses worldwide appeared compromised but cybersecurity experts caution that the... Read More

News From The Well
scroll top