Recently on 1 March 2022, the US Senate passed the American Cybercrime Act 2022. According to which in critical infrastructure, the federal agencies and organizations have to report cybercrimes in 72 hours. Organizations should also report cyber crimes and ransom demands and payments. Senator Gary Peters and Senator Rob Portman backed the bill with bipartisan support.
It will be marked as the most significant cyber bill to make through the Senate in the chamber’s history. In the past, there was another important legislation presented in 2015 and successfully passed, known as Cybersecurity Information Sharing Act. According to this, companies were given legal cover to report cyber threats to the government voluntarily.
The bill’s primary purpose is to bolster the posture of federal government cybersecurity. Another reason includes reporting any cybercrime or ransom payment of the critical infrastructure senate.
The Senate passed the act due to a warning of the potential for Russian cyberattacks targeting US organizations. It was presented by the Department of Homeland Security and Cybersecurity and Infrastructure Security Agency.
The Strengthening American Cybersecurity Act 2022 will include federal agencies’ reports about cybercrimes and ransomware. The bill also has a notice to CISA to report ransom demands within 24 hours and cyber incidents within 72 hours. There wasn’t any notice to report cyber threats to the FBI. However, the bill provided CISA with a mechanism to share the information with federal agencies.
The bill has specific minimum requirements for reporting to CISA. Furthermore, the content of reporting a cybercrime or cyber incident should include:
- A description of the covered accident
- A description of vulnerabilities that are being exploited and security defense of the place
- Describe techniques, tactics, and procedures that were used to penetrate the covered cyber incident.
- The information and contact attached about the person responsible for the cyber incident.
- All categories of information that are reasonably believed to cause the unauthorized access
- Contact information of an authorized agent of the entity
- It should also include that information that impacted entities, the state of incorporation, trade names, legal entity name, and other identifiers
On the other hand, reporting a ransom payment will include:
- A description of the attack is attached to it, including the estimated data range of the attack as well
- To penetrate the ransom attack, all the tactics and techniques should be listed
- The identity of the person that is responsible for the ransom attack with their contact
- The identity and complete information about the person who made the ransom payment.
- The contact information of the cover entity or an authorized agent of the entity
- The amount asked as a ransom payment, including the type of virtual currency
Rogue Logics provides in-depth security services for assessing and protecting your application, data, and infrastructure against potential threats on-prem or in the cloud.
Want a consultation with the professionals at Rogue Logics? Contact us and get a free quote.