Two bipartisan US senators have introduced a bill that aims to strengthen the cyber security of critical infrastructure and target foreign governments that harbour cyber criminals, in the wake of an increase of cyber attacks on the US.
The “Sanction and Stop Ransomware Act” was introduced yesterday by Republican senator Marco Rubio and Democrat Dianne Feinstein.
It aims to designate as a state sponsor of ransomware any country that the secretary of state determines has provided support for ransomware campaigns, including providing safe haven for individuals or groups. The bill requires the president to impose sanctions and penalties on each state designated as a state sponsor of ransomware, “consistent with sanctions and penalties levied on and against state sponsors of terrorism”.
Furthermore, the legislation also aims to develop regulations for cryptocurrency exchanges to reduce the anonymity of accounts and users suspected of ransomware activity and make these records available to the US government in connection with ransomware incidents. It also looks to require the development of cyber security standards for critical infrastructure entities, which are consistent with existing federal regulations.
Lastly, it requires federal agencies, government contractors, and critical infrastructure operators and owners to report the discovery of “ransomware operations” within 24 hours, consistent with the Rubio-Warner-Collins Cyber Incident Notification Act, which requires government bodies to report “cyber intrusions” within 24 hours.
RELATED RESOURCE
2021 state of email security report: Ransomware on the rise
Securing the enterprise in the COVID world
“Our bill will help the private and public sectors avoid ransomware attacks, reduce incentives to pay ransoms and hold foreign governments accountable if they provide a safe haven for ransomware perpetrators,” said Feinstein.
The bill will now be assigned to a committee to study before being voted on by the House of Representatives where it could then potentially move to the Senate if approved.
At the start of June, the US Department of Justice (DoJ) elevated ransomware investigations to a similar status as that of terrorism, following a series of attacks on the US, including the Colonial Pipeline hack. Internal guidance sent to US attorney’s offices stipulated that ransomware investigations should be centrally coordinated with a new task force in Washington. Investigating officers are then expected to share updated case details and technical information with officials in Washington.
-
Thousands of exposed civil servant passwords are up for grabs onlineNews While the password security failures are concerning, they pale in comparison to other nations
-
Global PC shipments surge in Q3 2025, fueled by AI and Windows 10 refresh cyclesNews The scramble ahead of the Windows 10 end of life date prompted a spike in sales
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
