Senate passes law to oblige DHS to respond to ransomware attacks

Lawmakers in the U.S. Senate has passed new law that would compel the government to issue bigger support to organizations that have fallen victims to different ransomware attacks. The DHS Cyber Hunt and Incident Response Teams Act would require the Department of Homeland Security (DHS) to build teams of experts that would provide expert support to organizations when they are attacked by ransomware campaigns. 

The new law will also require the DHS to establish an incident response to the team to respond to ransomware attacks effectively. Furthermore, the team will also be tasked to provide information and if necessary train organizations on how to avoid being attacked by ransomware campaigns. Other technical support from the team that will be organized will also be expected.

These cyber response team would then be sent to both public and private entities upon request, to give them “advice on how best to fortify their computer systems and prevent both ransomware and other types of cyber-attacks, as well as additional technical support. Should an organization fall victim to ransomware or another type of cyberattack, these federally-resourced teams will continue to be available to assist with incident response.”

The law, which in part motivated by the recent swath of ransomware campaign attacks in New York schools, will require the team to be available for both public and private organizations. Law enforcement agencies, schools, banks, and businesses could request the assistance of the ransomware response team as mandated by the new legislation

“The Senate passing the DHS Cyber Hunt and Incident Response Teams Act is an important step in protecting upstate New York school districts from the swaths of ransomware attacks that take hostage the personal information and vital data of our students, school employees, and local governments,” he said in a statement.

“It’s critical that we use all available resources to protect New York students from cyber crooks, and enhance and increase our resiliency to these attacks. I’m proud of the role I played in pushing this sorely-needed legislation through the Senate and won’t stop working until it’s signed into law,” he added. 

The DHS Cyber Hunt and Incident Response Teams Act Senators Maggie Hassan (D-NH) and Rob Portman (R-OH) and co-sponsored by Schumer. A similar bill has already passed in the House of Representatives, and the two pieces of legislation will now begin the reconciliation process.

Uptick of ransomware attacks and threats in New York motivates law

A ransomware campaign attack is a type of cyber attack where the malicious actor will smuggle malware-infested codes into a target’s computer system with the intention of encrypting the files saved in the said system. Once the file is already encrypted, the hackers responsible for the ransomware will demand payment, typically through bitcoin, in order for the files to be decrypted. There are cases where the hackers don’t decrypt the files after ransom payments. 

Ransomware attacks have been seen to plague different school organizations in recent months in New York. On July 8th of this year, the Syracuse City School District was breached by ransomware and forced to pay a $50,000 insurance deductible in order for the organization to regain their access to their computer system. 

“The July ransomware attack kept Syracuse City School District locked out of its operating system for roughly a 24 hour period, and additionally damaged its website, email system, and phones and ran the risk of exposing students’ private information to hackers,” reads the press release from the office of Sen. Schummer. 

Furthermore, on the same month, in the North Country, the Watertown City School District was also attacked by ransomware. Upticks of ransomware attacks and threats have been observed in recent months in Upstate New York, Schummer noted. 

Be the first to comment on "Senate passes law to oblige DHS to respond to ransomware attacks"

Leave a comment

Your email address will not be published.