Senators introduce bipartisan bill to sanction nations involved in ransomware attacks
Senate Intelligence Committee Vice Chairman Marco Rubio (R-Fla.) and Sen. Dianne Feinstein (D-Calif.) on Thursday introduced legislation that would sanction countries involved in state-sponsored ransomware attacks.
The Sanction and Stop Ransomware Act would impose penalties on nations deemed by the secretary of State and the Director of National Intelligence to be a "state sponsor of ransomware" through harboring or providing support for cybercriminals carrying out such attacks. The president would then be required to impose sanctions that are consistent with those levied on nations deemed sponsors of terrorism.
Ransomware attacks have been on the rise over the past year during the COVID-19 pandemic, reaching the level of a national security threat with the May attacks on the Colonial Pipeline, which provides 45 percent of the East Coast's fuel, and meat producer JBS USA.
The legislation would require federal agencies, government contractors and owners and operators of critical infrastructure to report ransomware attacks within 24 hours to a system to be set up with the Cybersecurity and Infrastructure Security Agency (CISA), which has 180 days to put in place the reporting operation.
Further, the legislation would require the development of cybersecurity standards for critical infrastructure groups, such as those in the electric or water sectors, in order to help prevent successful attacks.
The bill would also address concerns about hackers' use of cryptocurrency to collect ransomware payments from victims, requiring the development of regulations on cryptocurrency exchanges and that records of ransomware payments be made available to the federal government.
"Ransomware attacks threaten the health and safety of countless Americans," Rubio said in a statement. "Our bipartisan bill provides the tools necessary to help safeguard critical infrastructure while discouraging and disrupting these criminal organizations, including the regimes who harbor them."
Feinstein noted that ransomware attacks were aimed at groups of all sizes, saying that it is necessary for Congress to take steps to address the ongoing tide of attacks that have held hostage the networks of everything from hospitals to schools to government agencies.
"Congress must do more to support all organizations and companies struggling to deal with these escalating attacks," she said in a separate statement. "Our bill will help the private and public sectors avoid ransomware attacks, reduce incentives to pay ransoms and hold foreign governments accountable if they provide a safe haven for ransomware perpetrators."
The bill was rolled out amid escalating tensions between the U.S. and Russia over cybersecurity concerns.
The FBI tied both the attacks on Colonial Pipeline and JBS USA to Russia-based cyber criminal groups, and the more recent ransomware attack on software company Kaseya that affected up to 1,500 companies was also tied to Russian hackers by cybersecurity experts.
President Biden discussed his concerns around Russia-linked attacks with Russian President Vladimir Putin during their summit in Geneva in June, and urged him to crack down on cybercriminals operating within Russia.
Biden imposed sanctions on Russia in April after U.S. intelligence agencies linked the SolarWinds hack, which compromised nine U.S. federal agencies, to Russian government-backed hackers. The administration also separately called out China for its involvement in exploiting vulnerabilities in Microsoft's Exchange Server application this year to compromise thousands of organizations.
The bill is not the first to address the surge in cybersecurity concerns, with both Rubio and Feinstein also backing legislation, alongside most of the Senate Intelligence Committee, that would require certain critical groups to report cybersecurity incidents to CISA within 24 hours.
Rubio stressed the need Thursday to stand up to governments who allowed malicious hackers to target U.S. organizations.
"It is time for the United States to take strong, decisive action to protect American businesses, infrastructure, and government institutions," he said.