Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, said today he expects legislation will be soon filed in Congress to mandate cyber incident reporting to Federal authorities.
Speaking during an event organized by Axios and focused on the recent spate of high-profile ransomware attacks on U.S. critical infrastructure sector firms, Sen. Warner said he believes that “strong, bipartisan incident reporting legislation” will emerge “in the next couple of weeks,” and that bill will have the support of the Biden administration.
The senator did not detail the expected legislation, but indicated it will improve the Federal government’s awareness of cyberattacks that rely on ransomware demands, and its ability to take actions that respond to those and to pursue perpetrators.
“It won’t stop everything, but it will be an important first step to make sure we can bring our capabilities to bear when these actions happen,” he said.
Speaking more generally about ransomware and the temptation of victimized organizations to pay off their attackers in order to restore their hacked systems, Sen. Warner discussed how such payments can be illegal depending on who they are made to. “You don’t want to see people paying off” criminals, he said, but added that many hacked organizations face little choice especially if their businesses deliver vital services such as healthcare.
“We want to get to the place where nobody pays off” their attackers, he said. But in the interim, he continued, “let’s at least make the payments more transparent” to Federal authorities.
“For years, we have been underestimating cyber threats,” Sen. Warner said, adding, and “for years companies have been paying off ransomware … that’s not acceptable.”
The senator also pointed to the Federal government’s success in clawing back a portion of the $4.4 million that Colonial Pipeline paid to its attackers, and said the Justice Department’s ability as part of that effort to seize cryptocurrency was “an unprecedented action by the government.”