RALEIGH, N.C. (WNCN) – Gas tanks were running on empty. People were unable to get to work or to the grocery store.
None of it was pleasant. It was all due to a cyberattack on the Colonial Pipeline that stopped the fuel supply to much of the state and region.
“The key is key infrastructure — obviously medical records, financial records — but we’re seeing our public institutions being targeted because they don’t have the most sophisticated technology,” said Rep. Deborah Ross of North Carolina’s 2nd Congressional District.
Municipal budgets are already strained. Rocky Mount is just one example of such an attack in 2020. The Durham city and county IT systems were also hit by malware that same year. To get a handle on this, Ross has introduced the Ransom Disclosure Act.
“(It) would be a real game-changer for showing trends for having people understand the psychology of this,” she said.
Currently, victims of cybercrimes aren’t required to report such attacks, disclose how much ransom they paid, or what currency they used. Companies and public institutions are often reluctant to do that. This legislation would allow them to remain publicly anonymous but still require them to share the information with the Department of Homeland Security.
“The anonymity for them in the public sphere is so important so that we get all of the information that we need to understand the scope of the problem,” Ross said.
The Ransom Disclosure Act will:
- Require ransomware victims (excluding individuals) to disclose information about ransom payments no later than 48 hours after the date of payment, including the amount of ransom demanded and paid, the type of currency used for payment of the ransom, and any known information about the entity demanding the ransom;
- Require DHS to make public the information disclosed during the previous year, excluding identifying information about the entities that paid ransoms;
- Require DHS to establish a website through which individuals can voluntarily report payment of ransoms;
- Direct the Secretary of Homeland Security to conduct a study on commonalities among ransomware attacks and the extent to which cryptocurrency facilitated these attacks and provide recommendations for protecting information systems and strengthening cybersecurity
It would potentially better protect everything from utilities to bank accounts. Ross said it’s also going to take continued diplomatic pressure on the countries where the cybercriminals are located.
“It is a priority of the president to have understandings with these countries that they cannot enable or turn a blind eye to people who are committing cybercrimes,” she said.