Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, has released a report saying the federal government lacks sufficient information on ransomware attacks and the use of cryptocurrency in ransom payments.
The report also found that current reporting of such attacks is fragmented across federal agencies and that lack of comprehensive information on cryptocurrency payments and ransomware attacks restricts available tools to protect against national security threats, Peters’ office said Tuesday.
According to the study, the lack of data on such attacks and payments restricts the capability of the federal government and the private sector in assisting victims of cybercrimes.
The report offers several recommendations, including the need for the administration to implement a law that requires incident reporting of cyberattacks and ransomware payments against critical infrastructure, and standardize federal data on ransom payments and ransomware incidents to facilitate analysis.
Congress should come up with more public-private programs to investigate the ransomware economy and support data sharing regarding ransomware payments and attacks.
Implementing the Cyber Incident Reporting for Critical Infrastructure Act of 2022 “will be a significant step to ensuring our government has better data to understand the scope of this threat, disrupt the incentive virtual currencies provide for cybercriminals to commit attacks, and help victims quickly recover after breaches,” Peters said.