U.S. Senate Proposes Legislation to Protect Public Entities from Ransomware

  • The U.S. Senate wants to enable the DHS to form expert IT teams that will help organizations with ransomware.
  • The teams will provide technical support, advice, incident response, and data retrieval services.
  • Security analysts are happy with this first step but call for more action in the same direction.

Ransomware actors in the U.S. have gone rampant this year, and the trend is only going upwards. Simply put, attacking public entities such as schools, local agencies, government offices, and hospitals works like a charm for malicious actors. The public agencies will promptly pay the ransom as they can’t afford to remain offline for long, and they are generally easy targets as they usually don’t have any serious protection measures in place. The problem has gotten out of hand, and it costs millions taken from taxpayer money. The FBI repeatedly showed their inability to track down the actors, and so the only solution is to get organized against it.

The U.S. Senate proposed a new law called the “DHS Cyber Hunt and Incident Response Teams Act”. The proposal authorizes the Department of Homeland Security (DHS) to form and dispatch expert incident response teams that would help targeted organizations deal with ransomware attacks. These teams will deploy whatever available tools exist to help retrieve the lost data, unlock encrypted files, and restore backups. Paying ransoms and negotiating with the actors is entirely out of the question.

These incident response teams, however, will not only help with getting the systems up and running again but also in making them more robust and harder to infect with malware in the future. When there are no incidents to respond to, the teams will be visiting public and private entities (upon request), performing a proactive risk analysis, and implementing mitigation measures. A key strategy against ransomware attacks is to take regular backups and store them on offline media. The team could help the entities to incorporate this practice onto their regular procedures, and also provide technical support on how to automate this process.

While this new legislation is a solid first step in the right direction, security analysts point out that this is just the beginning. They believe that there’s a need for a centralized security operations center which has to be set up soon in the country. Without a unified approach in security that will be financially supported by the government, any advice or incident response won’t have a profound and long-term effect in the effort to stop ransomware attacks. Still, this is a legislative proposal that deserves our applause, and one that will create a safety net for the organizations that are hit by ransomware.

Have something to comment on the above? Feel free to do it in the dedicated section down below, or on our socials, on Facebook and Twitter.

REVIEW OVERVIEW

Recent Articles

10 Best Ultrawide Gaming Monitors in 2020

Ultrawide monitors are a relatively new trend in the world of computers, mainly because the technology required to make them feasible was not mature...

More Than 15 Billion Stolen Credentials Are Circulating Out There

Stolen credentials are sold by the billions today, as we have about 185 data breaches per day. Almost one-third of the stolen...

Here’s What We Know About Kilos, the Biggest Dark Web Market

One of the most infamous sites on the Dark Web was a search engine known as "Grams." Launched in 2014, Grams allowed users to search...

Zoom Announced the Launch of Its “Hardware as a Service” Program

Zoom calls companies to consider renting teleconferencing equipment from them and launches a new program. The hardware manufacturers that will support the...

The U.S. Copyright Office Says Pirates Shouldn’t Lose Their Internet Connection

Breaking the law is condemnable, but barring someone out of the internet world is unconstitutional. The U.S. Copyright Office is calling the...