The government lacks comprehensive data on ransomware attacks and suffers from fragmented reporting, according to a new US Senate committee report.
The 51-page report from the Senate Homeland Security and Governmental Affairs Committee calls on the government to swiftly implement new mandates for federal agencies and critical infrastructure organizations to report ransomware attacks and payments to attackers.
The 10-month investigation, which focused on the role of cryptocurrency in ransomware payments, found that reporting on attacks is “fragmented and incomplete”, in part because the FBI and Cybersecurity and Infrastructure Security Agency (CISA) both claim to have the “one stop” website for reporting attacks — respectively, IC3.gov and StopRansomware.gov.
Since the investigation began, the US has introduced several new laws to improve ransomware incident reporting and data collection, including the Cyber Incident Reporting Act of 2021, which passed the Senate in March 2022 under the Strengthening American Cybersecurity Act.
The new laws require critical infrastructure organizations to report cyberattacks to CISA within 72 hours and ransomware payments within 24 hours.
CISA said in March it would immediately share incident reports with the FBI, but the investigation found shortcomings with this arrangement.
“While the agencies state that they share data with each other, in discussions with committee staff, ransomware incident