US government in favor of mandatory reporting of ransomware attacks

The US government supports mandatory reporting of ransomware attacks and other cyber incidents, Richard Downing, a senior US Department of Justice official, said during a Senate committee hearing ( pdf ).

According to Downing, existing legislation must be amended to counter the "explosion of ransomware incidents". One of the areas to look at is a reporting obligation for organizations that are victims of ransomware and other attacks. Downing informed the Senate Committee that many incidents are currently not reported to the federal government.

As a result, the latter cannot investigate and disrupt these attacks, so that perpetrators go free. Downing calls this a major challenge for the US response to the threat of ransomware. Recently, there have been calls in the US to introduce a reporting obligation when victims of ransomware pay ransom. If it is up to the US government, companies will also be forced to disclose when they are victims of an attack.

Implementing a duty to report would further allow federal resources to be mobilized to protect the country from cyber threats and prosecute the responsible perpetrators, Downing continued. The government official says there should be a streamlined process for reporting attacks, after which the relevant information is immediately shared with all necessary federal services.

Previous Post Next Post