{"id":415243,"date":"2022-03-11T21:34:17","date_gmt":"2022-03-11T18:34:17","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/hacked-us-companies-to-face-new-reporting-requirements\/"},"modified":"2022-03-11T21:34:17","modified_gmt":"2022-03-11T18:34:17","slug":"hacked-us-companies-to-face-new-reporting-requirements","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/hacked-us-companies-to-face-new-reporting-requirements\/","title":{"rendered":"#Hacked US companies to face new reporting requirements"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3d8abb1d33d\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3d8abb1d33d\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/hacked-us-companies-to-face-new-reporting-requirements\/#%E2%80%9CHacked_US_companies_to_face_new_reporting_requirements%E2%80%9D\" >&#8220;Hacked US companies to face new reporting requirements&#8221;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9CHacked_US_companies_to_face_new_reporting_requirements%E2%80%9D\"><\/span>&#8220;Hacked US companies to face new reporting requirements&#8221;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<div>\n<div class=\"article-gallery lightGallery\">\n<div data-thumb=\"https:\/\/scx1.b-cdn.net\/csz\/news\/tmb\/2022\/hacked-us-companies-to.jpg\" data-src=\"https:\/\/scx2.b-cdn.net\/gfx\/news\/hires\/2022\/hacked-us-companies-to.jpg\" data-sub-html=\"Sen. Gary Peters, D-Mich., speaks at a news conference on Capitol Hill in Washington, Feb. 8, 2022. Companies critical to U.S. national interests will have to report when they're hacked or they pay ransomware. The new rules approved by Congress are part of a broader effort by the Biden administration and Congress to shore up the nation's cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. Credit: AP Photo\/Andrew Harnik, File\">\n<figure class=\"article-img\">\n            <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/scx1.b-cdn.net\/csz\/news\/800a\/2022\/hacked-us-companies-to.jpg\" alt=\"Hacked US companies to face new reporting requirements\" title=\"Sen. Gary Peters, D-Mich., speaks at a news conference on Capitol Hill in Washington, Feb. 8, 2022. Companies critical to U.S. national interests will have to report when they're hacked or they pay ransomware. The new rules approved by Congress are part of a broader effort by the Biden administration and Congress to shore up the nation's cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. Credit: AP Photo\/Andrew Harnik, File\" width=\"800\" height=\"530\"\/><figcaption class=\"text-darken text-low-up text-truncate-js text-truncate mt-3\">\n                Sen. Gary Peters, D-Mich., speaks at a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">news<\/a> conference on Capitol Hill in Washington, Feb. 8, 2022. Companies critical to U.S. national interests will have to report when they&#8217;re hacked or they pay ransomware. The new rules <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>roved by Congress are part of a broader effort by the Biden administration and Congress to shore up the nation&#8217;s cyberdefenses after a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/watch-movies-tv-seriess\/\" data-internallinksmanager029f6b8e52c=\"8\" title=\"Watch Movies &amp; TV Series\" target=\"_blank\" rel=\"noopener\">series<\/a> of high-profile digital espionage campaigns and disruptive ransomware attacks. Credit: AP Photo\/Andrew Harnik, File<br \/>\n            <\/figcaption><\/figure>\n<\/p><\/div>\n<\/div>\n<p>Companies critical to U.S. national interests will now have to report when they&#8217;re hacked or they pay ransomware, according to new rules approved by Congress.<\/p>\n<p>                                                                                The rules are part of a broader effort by the Biden administration and Congress to shore up the nation&#8217;s cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. The reporting will give the federal government much greater visibility into hacking efforts that target private companies, which often have skipped going to the FBI or other agencies for help.<\/p>\n<p>&#8220;It&#8217;s clear we must take bold action to improve our online defenses,&#8221; Sen. Gary Peters, a Michigan Democrat who leads the Senate Homeland Security and Government Affairs Committee and wrote the legislation, said in a statement on Friday.<\/p>\n<p>The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President Joe Biden soon. It requires any entity that&#8217;s considered part of the nation&#8217;s critical infrastructure, which includes the finance, transportation and energy sectors, to report any &#8220;substantial cyber incident&#8221; to the government within three days and any ransomware payment made within 24 hours.<\/p>\n<p>Ransomware attacks, in which criminals hack targets and hold their data hostage through encryption until ransoms have been paid, have flourished in recent years. Attacks last year on the world&#8217;s largest meat-packing company and the biggest U.S. fuel pipeline\u2014which led to days of gas station shortages on the East Coast\u2014have underscored how gangs of extortionist hackers can disrupt the economy and put lives and livelihoods at risk.<\/p>\n<p>State hackers from Russia and China have had continued success hacking into and spying on U.S. targets, including critical infrastructure targets. The most notable was Russia&#8217;s SolarWinds cyberespionage campaign, which was discovered at the end of 2020.<\/p>\n<div class=\"article-gallery lightGallery\">\n<div data-thumb=\"https:\/\/scx1.b-cdn.net\/csz\/news\/tmb\/2022\/hacked-us-companies-to-1.jpg\" data-src=\"https:\/\/scx2.b-cdn.net\/gfx\/news\/hires\/2022\/hacked-us-companies-to-1.jpg\" data-sub-html=\"FBI Director Christopher Wray speaks at a news conference at the Justice Department in Washington Nov. 8, 2021. Companies critical to U.S. national interests will have to report when they're hacked or they pay ransomware. The new rules approved by Congress are part of a broader effort by the Biden administration and Congress to shore up the nation's cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. Credit: AP Photo\/Andrew Harnik, File\">\n<figure class=\"article-img text-center\">\n            <img decoding=\"async\" src=\"https:\/\/scx1.b-cdn.net\/csz\/news\/800a\/2022\/hacked-us-companies-to-1.jpg\" alt=\"Hacked US companies to face new reporting requirements\"\/><figcaption class=\"text-left text-darken text-truncate text-low-up mt-3\">\n                FBI Director Christopher Wray speaks at a news conference at the Justice Department in Washington Nov. 8, 2021. Companies critical to U.S. national interests will have to report when they&#8217;re hacked or they pay ransomware. The new rules approved by Congress are part of a broader effort by the Biden administration and Congress to shore up the nation&#8217;s cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. Credit: AP Photo\/Andrew Harnik, File<br \/>\n            <\/figcaption><\/figure>\n<\/p><\/div>\n<\/div>\n<p>Experts and government officials worry that Russia&#8217;s war in Ukraine has increased the threat of cyberattacks against U.S. targets, by either state or proxy actors. Many ransomware operators live and work in Russia.<br \/>\n                                            <!-- Google middle Adsense block --><\/p>\n<p>&#8220;As our nation rightly supports Ukraine during Russia&#8217;s illegal unjustifiable assault, I am concerned the threat of Russian cyber and ransomware attacks against U.S. critical infrastructure will increase,&#8221; said Sen. Rob Portman, a Republican from Ohio.<\/p>\n<p>The legislation designates the Department of Homeland Security&#8217;s Cybersecurity and Infrastructure Security Agency as the lead agency to receive notices of hacks and ransomware payments. That caused concern at the FBI, which had openly campaigned for tweaks to the bill in an unusually public disagreement over legislation endorsed overall by the White House.<\/p>\n<p>&#8220;We want one call to be a call to us all,&#8221; FBI Director Christopher Wray said last week at a cyber event at the University of Kansas. &#8220;What&#8217;s needed is not a whole bunch of different reporting but real-time access by all the people who need to have it to the same report. So that&#8217;s what we&#8217;re talking about\u2014not multiple reporting chains but multiple access, multiple contemporaneous action, to the information.&#8221;<\/p>\n<p>The FBI also has expressed concern that liability protections that would cover companies that report a breach to CISA would not extend to reporting a breach to the FBI, an issue the bureau believes could unnecessarily complicate law enforcement efforts to respond to hacks and to aid victims.<\/p>\n<p>Lawmakers who helped write the bill have pushed back against the FBI, saying the bureau&#8217;s concerns about being notified of hacks and liability concerns were adequately addressed in the final version of it.<\/p>\n<p>The new rules also empower CISA to subpoena companies that fail to report hacks or ransomware payments, and those that fail to comply with a subpoena could be referred to the Justice Department for investigation.\n                                                                                                                        <\/p>\n<hr\/>\n<div class=\"article-main__explore my-4 d-print-none\">\n<p>                                            A sign of ransomware growth: Gangs now arbitrate disputes\n                                        <\/p><\/div>\n<hr class=\"mb-4\"\/>\n<p class=\"article-main__note mt-4\">\n                                                \u00a9 2022 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.<\/p>\n<p>                                        <!-- print only --><\/p>\n<div class=\"d-none d-print-block\">\n<p>                                                 <strong>Citation<\/strong>:<br \/>\n                                                 Hacked US companies to face new reporting requirements (2022, March 11)<br \/>\n                                                 retrieved 12 March 2022<br \/>\n                                                 from https:\/\/techxplore.com\/news\/2022-03-hacked-companies-requirements.html<\/p>\n<p>                                            This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no<br \/>\n                                            part may be reproduced without the written permission. The content is provided for information purposes only.<\/p><\/div>\n<\/p><\/div>\n<p><script id=\"facebook-jssdk\" async=\"\" src=\"https:\/\/connect.facebook.net\/en_US\/sdk.js\"><\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more Like this articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/science\/\" target=\"_blank\" rel=\"noopener\">Science category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/techxplore.com\/news\/2022-03-hacked-companies-requirements.html\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;Hacked US companies to face new reporting requirements&#8221; Sen. Gary Peters, D-Mich., speaks at a news conference on Capitol Hill in Washington, Feb. 8, 2022. Companies critical to U.S. national interests will have to report when they&#8217;re hacked or they pay ransomware. The new rules approved by Congress are part of a broader effort by&#8230;<\/p>\n","protected":false},"author":1,"featured_media":415244,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/scx2.b-cdn.net\/gfx\/news\/hires\/2022\/hacked-us-companies-to.jpg","fifu_image_alt":"","footnotes":""},"categories":[16],"tags":[],"class_list":["post-415243","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sciencee"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/415243","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=415243"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/415243\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/415244"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=415243"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=415243"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=415243"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}